Hi,
That's a bad thing we need to fix ASAP.
I think for 5.6.1 we'll revert it , if not, we'll need an RC2, which
is something we usually don't do (but as this could involve security,
we may do it).
The fix can be merged to 5.5.18RC1, next week, to have an RC cycle if
not part of a 5.6.1RC2 (tag is tomorrow)5.6 and 5.5 actually overlap in the release weeks. 5.6 is planned on
odd weeks whereas 5.5 is on even weeks.Waiting for Ferenc's advice anyway.
Julien.P
I have no issues with reverting at this point as that's the best route to
get stable releases back on track. I thought I had fixed some really old
bugs with those commits but the medicine turned out to be worse than the
disease. My apologies again for letting those problems sneak into releases
:/
I've got the necessary fixes lined up at this point, I just need to know
how you guys would prefer to proceed on this.
I can commit the relevant changes to 5.4, 5.5 and 5.6 and double-check with
RMs to ensure they make it into this next set of releases or we can revert
the previous commits and forget about the bug fixes altogether.
Just let me know which you prefer. Thanks.
Hi,
That's a bad thing we need to fix ASAP.
I think for 5.6.1 we'll revert it , if not, we'll need an RC2, which
is something we usually don't do (but as this could involve security,
we may do it).
The fix can be merged to 5.5.18RC1, next week, to have an RC cycle if
not part of a 5.6.1RC2 (tag is tomorrow)5.6 and 5.5 actually overlap in the release weeks. 5.6 is planned on
odd weeks whereas 5.5 is on even weeks.Waiting for Ferenc's advice anyway.
Julien.P
I have no issues with reverting at this point as that's the best route to
get stable releases back on track. I thought I had fixed some really old
bugs with those commits but the medicine turned out to be worse than the
disease. My apologies again for letting those problems sneak into releases
:/I've got the necessary fixes lined up at this point, I just need to know
how you guys would prefer to proceed on this.I can commit the relevant changes to 5.4, 5.5 and 5.6 and double-check with
RMs to ensure they make it into this next set of releases or we can revert
the previous commits and forget about the bug fixes altogether.Just let me know which you prefer. Thanks.
hi,
I would prefer reverting the regression from 5.6.1, and I would be fine
having the proper fix later on, but I think it would be nice if we could
keep that off from the stable branches until we can validate (feedback from
the Horde guys would be nice but it would really help a ton if we could
have tests for both the original problem this was intended to fix and for
the regression introduced while doing so) that the patch is now proper
(maybe keeping it in a pull request in the meanwhile).
What do you think?
--
Ferenc Kovács
@Tyr43l - http://tyrael.hu
Hi,
That's a bad thing we need to fix ASAP.
I think for 5.6.1 we'll revert it , if not, we'll need an RC2, which
is something we usually don't do (but as this could involve security,
we may do it).
The fix can be merged to 5.5.18RC1, next week, to have an RC cycle if
not part of a 5.6.1RC2 (tag is tomorrow)5.6 and 5.5 actually overlap in the release weeks. 5.6 is planned on
odd weeks whereas 5.5 is on even weeks.Waiting for Ferenc's advice anyway.
Julien.P
I have no issues with reverting at this point as that's the best route to
get stable releases back on track. I thought I had fixed some really old
bugs with those commits but the medicine turned out to be worse than the
disease. My apologies again for letting those problems sneak into
releases
:/I've got the necessary fixes lined up at this point, I just need to know
how you guys would prefer to proceed on this.I can commit the relevant changes to 5.4, 5.5 and 5.6 and double-check
with
RMs to ensure they make it into this next set of releases or we can revert
the previous commits and forget about the bug fixes altogether.Just let me know which you prefer. Thanks.
hi,
I would prefer reverting the regression from 5.6.1, and I would be fine
having the proper fix later on, but I think it would be nice if we could
keep that off from the stable branches until we can validate (feedback from
the Horde guys would be nice but it would really help a ton if we could have
tests for both the original problem this was intended to fix and for the
regression introduced while doing so) that the patch is now proper (maybe
keeping it in a pull request in the meanwhile).
What do you think?
For me its all right and safe.
Next week we'll have 5.5.18RC1, which could contain the fix if it's
been validated and want to go for an RC stage.
Julien.P
On Tue, Sep 23, 2014 at 7:39 AM, Daniel Lowrey rdlowrey@gmail.com
wrote:Hi,
That's a bad thing we need to fix ASAP.
I think for 5.6.1 we'll revert it , if not, we'll need an RC2, which
is something we usually don't do (but as this could involve security,
we may do it).
The fix can be merged to 5.5.18RC1, next week, to have an RC cycle if
not part of a 5.6.1RC2 (tag is tomorrow)5.6 and 5.5 actually overlap in the release weeks. 5.6 is planned on
odd weeks whereas 5.5 is on even weeks.Waiting for Ferenc's advice anyway.
Julien.P
I have no issues with reverting at this point as that's the best route
to
get stable releases back on track. I thought I had fixed some really
old
bugs with those commits but the medicine turned out to be worse than
the
disease. My apologies again for letting those problems sneak into
releases
:/I've got the necessary fixes lined up at this point, I just need to know
how you guys would prefer to proceed on this.I can commit the relevant changes to 5.4, 5.5 and 5.6 and double-check
with
RMs to ensure they make it into this next set of releases or we can
revert
the previous commits and forget about the bug fixes altogether.Just let me know which you prefer. Thanks.
hi,
I would prefer reverting the regression from 5.6.1, and I would be fine
having the proper fix later on, but I think it would be nice if we could
keep that off from the stable branches until we can validate (feedback
from
the Horde guys would be nice but it would really help a ton if we could
have
tests for both the original problem this was intended to fix and for the
regression introduced while doing so) that the patch is now proper (maybe
keeping it in a pull request in the meanwhile).
What do you think?For me its all right and safe.
Next week we'll have 5.5.18RC1, which could contain the fix if it's
been validated and want to go for an RC stage.Julien.P
FYI: I've tagged 5.6.1 and I had to revert the following commits for this:
372844918a318ad712e16f9ec636682424a65403
f86b2193a483f56b0bd056570a0cdb57ebe66e2f
30a73658c63a91c413305a4c4d49882fda4dab3e
84a4041ba47e92e7a0ba03938d0ebf88b5fcf6cf
98e67add15a6b889efe152c23ed15a61f022a63a
98e67add15a6b889efe152c23ed15a61f022a63a and
30a73658c63a91c413305a4c4d49882fda4dab3e were merge commits with conflict
resolution
Could you review that the current status of ext/openssl/xp_ssl.c is proper
in the tag?
Thanks!
--
Ferenc Kovács
@Tyr43l - http://tyrael.hu
On Tue, Sep 23, 2014 at 7:39 AM, Daniel Lowrey rdlowrey@gmail.com
wrote:Hi,
That's a bad thing we need to fix ASAP.
I think for 5.6.1 we'll revert it , if not, we'll need an RC2,
which
is something we usually don't do (but as this could involve
security,
we may do it).
The fix can be merged to 5.5.18RC1, next week, to have an RC cycle
if
not part of a 5.6.1RC2 (tag is tomorrow)5.6 and 5.5 actually overlap in the release weeks. 5.6 is planned
on
odd weeks whereas 5.5 is on even weeks.Waiting for Ferenc's advice anyway.
Julien.P
I have no issues with reverting at this point as that's the best
route to
get stable releases back on track. I thought I had fixed some really
old
bugs with those commits but the medicine turned out to be worse than
the
disease. My apologies again for letting those problems sneak into
releases
:/I've got the necessary fixes lined up at this point, I just need to
know
how you guys would prefer to proceed on this.I can commit the relevant changes to 5.4, 5.5 and 5.6 and double-check
with
RMs to ensure they make it into this next set of releases or we can
revert
the previous commits and forget about the bug fixes altogether.Just let me know which you prefer. Thanks.
hi,
I would prefer reverting the regression from 5.6.1, and I would be fine
having the proper fix later on, but I think it would be nice if we
could
keep that off from the stable branches until we can validate (feedback
from
the Horde guys would be nice but it would really help a ton if we
could have
tests for both the original problem this was intended to fix and for
the
regression introduced while doing so) that the patch is now proper
(maybe
keeping it in a pull request in the meanwhile).
What do you think?For me its all right and safe.
Next week we'll have 5.5.18RC1, which could contain the fix if it's
been validated and want to go for an RC stage.Julien.P
FYI: I've tagged 5.6.1 and I had to revert the following commits for this:
372844918a318ad712e16f9ec636682424a65403
f86b2193a483f56b0bd056570a0cdb57ebe66e2f
30a73658c63a91c413305a4c4d49882fda4dab3e
84a4041ba47e92e7a0ba03938d0ebf88b5fcf6cf
98e67add15a6b889efe152c23ed15a61f022a63a98e67add15a6b889efe152c23ed15a61f022a63a and
30a73658c63a91c413305a4c4d49882fda4dab3e were merge commits with conflict
resolutionCould you review that the current status of ext/openssl/xp_ssl.c is
proper in the tag?
Thanks!--
Ferenc Kovács
@Tyr43l - http://tyrael.hu
I will review and report back on the 5.6.1 later today. I've checked with
the horde folks and my recent uncommitted patch resolves any bugs (both old
and new). I plan to commit this for 5.4 and 5.5 today and then subsequently
merge these changes so they can appear in the next 5.6.2. Starting this
evening I will be travelling for the next seven days -- I can communicate
during this time but will likely be unable to write/submit any code.
Hi!
I will review and report back on the 5.6.1 later today. I've checked with
the horde folks and my recent uncommitted patch resolves any bugs (both old
and new). I plan to commit this for 5.4 and 5.5 today and then subsequently
What is this new patch? Please note 5.4 is now supposed to be
security-only, so if we have more untested patches there it won't be
good. I'd like to have some clarity on this ASAP as if we need fixes for
5.4 we're supposed to have RC next Tuesday and I'm not sure I understand
what's going on there.
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
Hi! I'm typing on my phone at the airport so apologies for the brevity and
lack of quoting from previous messages. I will summarize everything in
detail with commit references to clear up any confusion in the next couple
of days.
I believe that by applying the patch below to the 5.4 and 5.5 branches as
they exist currently everything is solved:
https://bugs.php.net/patch-display.php?bug=41631&patch=bug41631.patch&revision=1411139621
However I ran out of time to perform the necessary due diligence and add
test cases before traveling.
In any case I will find time to summarize what needs to happen on-list as
soon as I am able.
FYI: I've tagged 5.6.1 and I had to revert the following commits for this:
372844918a318ad712e16f9ec636682424a65403
f86b2193a483f56b0bd056570a0cdb57ebe66e2f
30a73658c63a91c413305a4c4d49882fda4dab3e
84a4041ba47e92e7a0ba03938d0ebf88b5fcf6cf
98e67add15a6b889efe152c23ed15a61f022a63a98e67add15a6b889efe152c23ed15a61f022a63a and
30a73658c63a91c413305a4c4d49882fda4dab3e were merge commits with conflict
resolutionCould you review that the current status of ext/openssl/xp_ssl.c is
proper in the tag?
Thanks!--
Ferenc Kovács
Please also revert the following commit or we will still have problems:
6569db88081562f68a4f79e52cba83482bdf05fc
Other than this commit everything else looks good. I have verified a new
patch with the horde folks as solving the problem. However, I'm travelling
for the next week (starting in a couple of hours) and I don't want to rush
a (potentially) half-baked fix into the next 5.4 and 5.5 releases without
comprehensive testing. If tags must be created before the end of next week
then the best course of action is to revert these same commits for 5.4/5.5.
I will be able to respond to any correspondence if you have questions in
the coming days. Otherwise, I'll resolve this once and for all when I'm
back in the office.
Regards,
Dan
FYI: I've tagged 5.6.1 and I had to revert the following commits for
this:
372844918a318ad712e16f9ec636682424a65403
f86b2193a483f56b0bd056570a0cdb57ebe66e2f
30a73658c63a91c413305a4c4d49882fda4dab3e
84a4041ba47e92e7a0ba03938d0ebf88b5fcf6cf
98e67add15a6b889efe152c23ed15a61f022a63a98e67add15a6b889efe152c23ed15a61f022a63a and
30a73658c63a91c413305a4c4d49882fda4dab3e were merge commits with conflict
resolutionCould you review that the current status of ext/openssl/xp_ssl.c is
proper in the tag?
Thanks!--
Ferenc KovácsPlease also revert the following commit or we will still have problems:
6569db88081562f68a4f79e52cba83482bdf05fc
there is no need for that, that commit was merged with
98e67add15a6b889efe152c23ed15a61f022a63a, which I've already reverted, and
it was better to revert the merge commit, because it contained
modifications (because of conflict resolution back when you merged it).
Other than this commit everything else looks good. I have verified a new
patch with the horde folks as solving the problem. However, I'm travelling
for the next week (starting in a couple of hours) and I don't want to rush
a (potentially) half-baked fix into the next 5.4 and 5.5 releases without
comprehensive testing. If tags must be created before the end of next week
then the best course of action is to revert these same commits for 5.4/5.5.
I will be able to respond to any correspondence if you have questions in
the coming days. Otherwise, I'll resolve this once and for all when I'm
back in the office.
have a safe trip!
--
Ferenc Kovács
@Tyr43l - http://tyrael.hu
Hi,
It would perhaps be great to communicate on this nasty bug on the PHP
website ?
For example code based on amqplib + ssl
(https://github.com/videlalvaro/php-amqplib) is not working anymore as
well, and it could be a headache to figure out why it's not working. I
assume a lot more libs could be affected.
Thanks,
Jocelyn
Le 23/09/2014 07:39, Daniel Lowrey a écrit :
Hi,
That's a bad thing we need to fix ASAP.
I think for 5.6.1 we'll revert it , if not, we'll need an RC2, which
is something we usually don't do (but as this could involve security,
we may do it).
The fix can be merged to 5.5.18RC1, next week, to have an RC cycle if
not part of a 5.6.1RC2 (tag is tomorrow)5.6 and 5.5 actually overlap in the release weeks. 5.6 is planned on
odd weeks whereas 5.5 is on even weeks.Waiting for Ferenc's advice anyway.
Julien.P
I have no issues with reverting at this point as that's the best route to
get stable releases back on track. I thought I had fixed some really old
bugs with those commits but the medicine turned out to be worse than the
disease. My apologies again for letting those problems sneak into releases
:/I've got the necessary fixes lined up at this point, I just need to know
how you guys would prefer to proceed on this.I can commit the relevant changes to 5.4, 5.5 and 5.6 and double-check with
RMs to ensure they make it into this next set of releases or we can revert
the previous commits and forget about the bug fixes altogether.Just let me know which you prefer. Thanks.
Hi,
When do you plan to release a new 5.4.34 / 5.5.18 version with a fix for
those issues ? I'm concerned because our app is just broken with this
issue. Moreover 5.4.33 / 5.5.17 are used in some PHP Buildpack on PAAS
platform like cloudfoundry/pivotal, they are directly affected by the
problem.
Thanks !
Jocelyn
Le 04/10/2014 23:58, jocelyn fournier a écrit :
Hi,
It would perhaps be great to communicate on this nasty bug on the PHP
website ?
For example code based on amqplib + ssl
(https://github.com/videlalvaro/php-amqplib) is not working anymore as
well, and it could be a headache to figure out why it's not working. I
assume a lot more libs could be affected.Thanks,
JocelynLe 23/09/2014 07:39, Daniel Lowrey a écrit :
Hi,
That's a bad thing we need to fix ASAP.
I think for 5.6.1 we'll revert it , if not, we'll need an RC2, which
is something we usually don't do (but as this could involve security,
we may do it).
The fix can be merged to 5.5.18RC1, next week, to have an RC cycle if
not part of a 5.6.1RC2 (tag is tomorrow)5.6 and 5.5 actually overlap in the release weeks. 5.6 is planned on
odd weeks whereas 5.5 is on even weeks.Waiting for Ferenc's advice anyway.
Julien.P
I have no issues with reverting at this point as that's the best
route to
get stable releases back on track. I thought I had fixed some really old
bugs with those commits but the medicine turned out to be worse than the
disease. My apologies again for letting those problems sneak into
releases
:/I've got the necessary fixes lined up at this point, I just need to know
how you guys would prefer to proceed on this.I can commit the relevant changes to 5.4, 5.5 and 5.6 and double-check
with
RMs to ensure they make it into this next set of releases or we can
revert
the previous commits and forget about the bug fixes altogether.Just let me know which you prefer. Thanks.
Hi!
When do you plan to release a new 5.4.34 / 5.5.18 version with a fix for
Next week.
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/