On Thursday 14 October 2004 00:55, Jay Blanchard wrote:
Looking at http://www.php/net/downloads I do not see one.
Maybe that's why the OP asked? Anyway I don't see the reason why one would want a patch. Surely bandwidth can't be an issue? And applying a patch would most certainly mean taking the webserver offline briefly as would a full upgrade.
That's true, but the reason is that I had an issue last time I upgrade (from 4.3.4 to 4.4.8), not a big one, but enough to force the rollback and retry after analyzing and solving the cause. It was a change in the values accepted by "open_basedir" that triggered my problem.
Well.. that's why I prefer patching to upgrading.
Looking in the CVS I found this, but I am not sure if that is ALL the change needed to fix the security bug.
http://cvs.php.net/diff.php/php-src/main/php_variables.c?r1=1.45.2.6&r2=1.45.2.7&ty=u
Saludos!
Federico Petronio
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
