On Thursday 24 May 2007 22:10, Martin Langhoff wrote: > No - the problem was introduced by Etch+3. There's a security patch that > supposedly fixes handling of nulls in strip_tags() -- which introduces > this regression. I think it was the initial patch that the PHP folk put > together, and then later fixed up. > > The debian package has the initial patch with the regression, but not > the subsequent fixup.
okay, thanks for helping with the clarifications. if it was a regression in
the security update then it's possible that an update could also go through
via another security update. i'll go ahead and merge it into the etch branch
and then you'll get it from either the stable point release or the next
security release, whichever comes first.
sean
pgpueXTI1RlHp.pgp
Description: PGP signature
