[pLog-svn] Critical: security issue

Tsz Ming WONG tszming at gmail.com
Sat Mar 29 12:51:03 EDT 2008


Hi Jon

On Sun, Mar 30, 2008 at 12:46 AM, Jon Daley <plogworld at jon.limedaley.com> wrote:
>        We currently support PHP 4.2.  I'd like to change that to 4.3 in
> order to use the native fnmatch function, rather than having a
> half-supported $flags parameter (specifically FNM_CASEFOLD).
>        I'll check in that version of the function, but if we can raise
> the minimum to 4.3, we can remove the myfnmatch function altogether, which
> will be better.
>

Yes, this is a quick fix.

As this hole is really a critical one, so how to let users get updated
would be a challenge.

-- 
Best Regards,
tszming


More information about the pLog-svn mailing list