[php-maint] Bug#422567: security update in etch has same problem

sean finney seanius at debian.org
Thu May 24 21:25:28 UTC 2007


On Thursday 24 May 2007 22:10, Martin Langhoff wrote:
> No - the problem was introduced by Etch+3. There's a security patch that
> supposedly fixes handling of nulls in strip_tags() -- which introduces
> this regression. I think it was the initial patch that the PHP folk put
> together, and then later fixed up.
>
> The debian package has the initial patch with the regression, but not
> the subsequent fixup.

okay, thanks for helping with the clarifications.  if it was a regression in 
the security update then it's possible that an update could also go through 
via another security update.  i'll go ahead and merge it into the etch branch  
and then you'll get it from either the stable point release or the next
security release, whichever comes first.  


	sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20070524/50b6d6b2/attachment.pgp 


More information about the pkg-php-maint mailing list