Re: NULL byte poisoning fix in php 5.3.4+

[Pierre Joye <pierre.php () gmail com>]

anyone?

On Thu, Nov 18, 2010 at 5:43 PM, Pierre Joye <pierre.php () gmail com> wrote:
> forgot to add the fixes revs:
>
> http://svn.php.net/viewvc?view=revision&revision=305507
> revert of part of the OCI8 fix
> http://svn.php.net/viewvc?view=revision&revision=305509
>
> OCI8 fix (committed separately)
> http://svn.php.net/viewvc?view=revision&revision=305412
>
> On Thu, Nov 18, 2010 at 5:22 PM, Pierre Joye <pierre.php () gmail com> wrote:
> > hi,
> >
> > The problem describes here http://www.madirish.net/?article=436, in
> > http://bugs.php.net/39863 (and numerous other places) has been fixed
> > in PHP_5_3, targetting 5.3.4 (RC1 to be released today). It is a well
> > (old) known issue in PHP and I wonder if there is a CVE already for
> > it? If not I think having one could helpful. or?
> >
> > Cheers,
> > --
> > Pierre
> >
> > @pierrejoye | http://blog.thepimp.net | http://www.libgd.org
>
>
>
> --
> Pierre
>
> @pierrejoye | http://blog.thepimp.net | http://www.libgd.org



-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org