Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:77651
Return-Path: <smalyshev@sugarcrm.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 49470 invoked from network); 26 Sep 2014 08:09:22 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 26 Sep 2014 08:09:22 -0000
Authentication-Results: pb1.pair.com smtp.mail=smalyshev@sugarcrm.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=smalyshev@sugarcrm.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain sugarcrm.com designates 108.166.43.123 as permitted sender)
X-PHP-List-Original-Sender: smalyshev@sugarcrm.com
X-Host-Fingerprint: 108.166.43.123 smtp123.ord1c.emailsrvr.com Linux 2.6
Received: from [108.166.43.123] ([108.166.43.123:50359] helo=smtp123.ord1c.emailsrvr.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 12/34-27411-13F15245 for <internals@lists.php.net>; Fri, 26 Sep 2014 04:09:22 -0400
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp24.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id 5FEB7801C4;
	Fri, 26 Sep 2014 04:09:19 -0400 (EDT)
X-Virus-Scanned: OK
Received: by smtp24.relay.ord1c.emailsrvr.com (Authenticated sender: smalyshev-AT-sugarcrm.com) with ESMTPSA id DB2A98018D;
	Fri, 26 Sep 2014 04:09:18 -0400 (EDT)
X-Sender-Id: smalyshev@sugarcrm.com
Received: from Stass-MacBook-Pro.local (108-66-6-48.lightspeed.sntcca.sbcglobal.net [108.66.6.48])
	(using TLSv1.2 with cipher DHE-RSA-AES128-SHA)
	by 0.0.0.0:465 (trex/5.2.13);
	Fri, 26 Sep 2014 08:09:19 GMT
Message-ID: <54251F2E.3010408@sugarcrm.com>
Date: Fri, 26 Sep 2014 01:09:18 -0700
Organization: SugarCRM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Thunderbird/31.1.2
MIME-Version: 1.0
To: Remi Collet <remi@fedoraproject.org>, 
 PHP Internals <internals@lists.php.net>,
 Daniel Lowrey <rdlowrey@php.net>
References: <CAH8MpnkkYEAR38ujdjsa+RUzAhzLmp62vTFJio0+XUmJzba6qQ@mail.gmail.com> <541C5EB5.6090001@fedoraproject.org> <5423BD7F.5070800@sugarcrm.com> <5423C2B4.8030706@fedoraproject.org>
In-Reply-To: <5423C2B4.8030706@fedoraproject.org>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] Re: OpenSSL bug in 5.4.33 and 5.5.17
From: smalyshev@sugarcrm.com (Stas Malyshev)

Hi!

> In released 5.4.33 (and 5.5.17) you have 6569db8 + 84a4041 + 32be79d
> (notice I have revert these 3 patches for downstream)
> 	
> In 5.4/5.5/5.6 you have 6569db8 + 84a4041 + 32be79d + f86b219 + 3728449
> (all reverted in 5.6.1)
> 
> As you said, "5.4 is now supposed to be security-only" so I rather
> think we should revert to 5.4.32 code and have the upcoming fix only
> in 5.5+ (so in 5.5.18RC and 5.6.2RC)

So, I have reverted the code for xp_ssl.c in 5.4 to it's status as of
5.4.32, and left 5.5 and above as is. Hopefully, this improves the
situation. I'd like to ask everybody involved to verify if there are no
more regressions caused by this.

Thanks,
-- 
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/