Re: [PHP-DEV] Re: is_a() - again - a better fix

2011-09-21 Thread Ole Markus With
On 22/09/11 01:41, Alan Knowles wrote: To clarify * Code changed to work around this change will not break if it is reverted. Basically it is to add is_object() before any call to is_a() * If left as is, there is reasonable potential for remote exploits in many codebases. * This change is not

[PHP-DEV] Re: 5.4 does not support Digest WWW-Authenticate anymore?

2011-09-21 Thread Laruence
+kalle Hi: I found this was introduced in r298625, and seems to be a mistake, kalle, can you verify this? Thanks http://svn.php.net/viewvc/php/php-src/trunk/main/SAPI.c?r1=298625&r2=298624&pathrev=298625 > On Thursday, September 22, 2011, Laruence wrote: >> Hi: >> >> I have filed a bug about this #55758, >> >> t

[PHP-DEV] Re: 5.4 does not support Digest WWW-Authenticate anymore?

2011-09-21 Thread Laruence
Hi: I found this was introduced in r298625, and seems to be a mistake, kalle, can you verify this? Thanks http://svn.php.net/viewvc/php/php-src/trunk/main/SAPI.c?r1=298625&r2=298624&pathrev=298625 On Thursday, September 22, 2011, Laruence wrote: > Hi: > > I have filed a bug about this #55758, > > thanks > > 2011/

Re: [PHP-DEV] Re: is_a() - again - a better fix

2011-09-21 Thread Kalle Sommer Nielsen
Hi 2011/9/21 Clint Byrum : > Just to give some perspective on this, we specifically did not ship php > 5.3.8 in Ubuntu 11.10 (in beta right now) because of this confusion. > This is in spite of the fact that it would have closed many bugs, and > reduced some of the burden on our security team sinc

Re: [PHP-DEV] Re: is_a() - again - a better fix

2011-09-21 Thread Alan Knowles
To clarify * Code changed to work around this change will not break if it is reverted. Basically it is to add is_object() before any call to is_a() * If left as is, there is reasonable potential for remote exploits in many codebases. * This change is not really in the wild yet, as pe

Re: [PHP-DEV] Re: is_a() - again - a better fix

2011-09-21 Thread Clint Byrum
Excerpts from Pierre Joye's message of Wed Sep 21 08:01:48 -0700 2011: > 2011/9/21 Johannes Schlüter : > > > Exactly. (while I, at this time, won't argue which behavior is more > > "correct") changing this in the first place was wrong. Changing it back > > is wrong again. We have two versions out

[PHP-DEV] Re: 5.4 does not support Digest WWW-Authenticate anymore?

2011-09-21 Thread Laruence
Hi: I have filed a bug about this #55758, thanks 2011/9/21 Laruence : > Hi: >     RT, > >     in main/SAPI.c sapi_header_op, all WWW-Authenticate will send a > Basic header. > >     was this removed intentionally? or just by mistake? > > > thanks > > -- > Laruence  Xinchen Hui > http://www.lar

[PHP-DEV] 5.4 does not support Digest WWW-Authenticate anymore?

2011-09-21 Thread Laruence
Hi: RT, in main/SAPI.c sapi_header_op, all WWW-Authenticate will send a Basic header. was this removed intentionally? or just by mistake? thanks -- Laruence  Xinchen Hui http://www.laruence.com/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: h

Re: [PHP-DEV] Re: is_a() - again - a better fix

2011-09-21 Thread Pierre Joye
2011/9/21 Johannes Schlüter : > Exactly. (while I, at this time, won't argue which behavior is more > "correct") changing this in the first place was wrong. Changing it back > is wrong again. We have two versions out with this change. These > releases reach distributions, reach hosting companies,

Re: [PHP-DEV] Re: is_a() - again - a better fix

2011-09-21 Thread Johannes Schlüter
On Wed, 2011-09-21 at 09:57 -0400, Matthew Weier O'Phinney wrote: > Reverting at this point adds a BC break on top of a BC break. Yes, the > original perhaps should not have happened (and likely wouldn't have, if > people had actually been testing the RCs...), but I'll argue again: the > new behavi

[PHP-DEV] Re: is_a() - again - a better fix

2011-09-21 Thread Matthew Weier O'Phinney
On 2011-09-20, Alan Knowles wrote: > Let's try and close this one. > > https://bugs.php.net/bug.php?id=55475 > > I've just added a patch that adds is_class_of(), which is identical to > is_subclass_of, and has the new feature of supporting strings and using > the autoloader. is_class_of() has a