Hi all, I wrote this mail to avoid any confusion about the last two updates of the php package. For the lazy ones: Make sure to update to php-5.2.7-2 In detail: php-5.2.7-1 fixes some security issues. Imho the most serious one is the following described by Stefan Esser: http://www.suspekt.org/2008/12/05/php-527-and-ziparchiveextractto/ Other important changes are summarized in the official changelog which can be found at: http://www.php.net/releases/5_2_7.php Yesterday Jürgen Hötzel noticed that this new version of php breaks magic_quote_gpc. (http://bugs.php.net/bug.php?id=46759) Well, it does not quote anything when enabled. Even though magic_quotes are disabled by default and shouldn't be used at all, this is a serious bug for those who still use apps that rely on this feature. I fixed this bug with the php-5.2.7-2 package. Especially those who have magic_quotes enabled should update to this version. Maybe there will be another upstream release soon. Pierre -- Pierre Schmitz Clemens-August-Straße 76 53115 Bonn Telefon 0228 9716608 Mobil 0160 95269831 Jabber pierre@xxxxxxxxxxxxxxxxxxx WWW http://www.archlinux.de
