found 429603 5.2.0-8+etch4
notfound 429603 5.2.0-10+lenny1
severity 429603 important
tags 429603 confirmed
thanks
Sarge's and Etch's PHP4 seems to be ok. But Etch's PHP5 is affected:
$ php5 -n strip_tags.php
Test1: ok
Test2: affected
Test3: affected
array(3) {
[0]=>
string(2) "'b"
[1]=>
string(2) "a'"
[2]=>
string(1) "'"
}
My test script:
<?php
$test1 = strip_tags("'<test>b");
$test2 = strip_tags("a'<test>b");
$test3 = strip_tags("<test>'<test>b");
$affected = false;
echo 'Test1: ';
if ($test1 != "'b") {
echo 'affected'."\n";
$affected = true;
} else {
echo 'ok'."\n";
}
echo 'Test2: ';
if ($test2 != "a'b") {
echo 'affected'."\n";
$affected = true;
} else {
echo 'ok'."\n";
}
echo 'Test3: ';
if ($test3 != "'b") {
echo 'affected'."\n";
$affected = true;
} else {
echo 'ok'."\n";
}
if ($affected)
var_dump(array($test1,$test2,$test3));
?>
--
Atomo64 - Raphael
Please avoid sending me Word, PowerPoint or Excel attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
