On Fri, Sep 26, 2014 at 10:09 AM, Stas Malyshev <smalys...@sugarcrm.com> wrote: > Hi! > >> In released 5.4.33 (and 5.5.17) you have 6569db8 + 84a4041 + 32be79d >> (notice I have revert these 3 patches for downstream) >> >> In 5.4/5.5/5.6 you have 6569db8 + 84a4041 + 32be79d + f86b219 + 3728449 >> (all reverted in 5.6.1) >> >> As you said, "5.4 is now supposed to be security-only" so I rather >> think we should revert to 5.4.32 code and have the upcoming fix only >> in 5.5+ (so in 5.5.18RC and 5.6.2RC) > > So, I have reverted the code for xp_ssl.c in 5.4 to it's status as of > 5.4.32, and left 5.5 and above as is. Hopefully, this improves the > situation. I'd like to ask everybody involved to verify if there are no > more regressions caused by this.
Just to let you know, I reverted the commits for our next 5.5.18RC1. I leaved the commits into PHP-5.5, so Daniel you still can finish your WIP. As your WIP is an improvement and not a security fix (AFAIK), I think you should take 5.5 as base branch and merge upwards as usual. 5.4 is in security only state. See that with Stas if needed. Don't forget to ping us (RMs) when you hit a stable state, so that we can together decide what we do for next releases (finally have a clean fix , or revert everything in master branches and forget about this issue and regression). Julien.Pauli -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
