On Fri, Mar 24, 2006 at 01:58:20PM +1100, Brendan O'Dea wrote: >> we noticed that you uploaded perl. Could you please give a more verbose >> reasoning why this upload should go into the next stable point release. >> Your changelog did not really point out which of the issues are release >> critical. > The primary fix is to allow utf8 to be used with taint.
To be slightly more verbose: If two scalars were to be concatenated, and they had the right combination of taint and utf8 flags, the resulting scalar would be converted to UTF-8 but without the utf8 flag set, causing ISO-8859-1 to be converted to UTF-8 and then being interpreted to ISO-8859-1 again. (I have real-world scripts where this happened no less than three times in succession; when "æøå" in your database becomes "ÃÂæÃÂøÃÂÃÂ¥" on your web page, it is what I'd call slightly suboptimal :-) ) /* Steinar */ -- Homepage: http://www.sesse.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
