Received Blog notification of potential bug: http://www.macvicar.net/blog/2008/12/critical-bug-in-php-527.html
Here's the text: Critical Bug in PHP 5.2.7 PHP 5.2.7 was released on Thursday but unfortunately a critical bug was introduced during the release candidate process that essentially full disables magic_quotes_gpc even when it’s marked as enabled. The end result being that if you relied on magic_quotes_gpc being enabled it’s now not, potentially a security issue. The other problem is that even if you don’t rely on it being enabled but have an application which attempts to undo the work of magic_quotes_gpc you may end up with some data loss. Such code is present within most applications that want to work with it disabled This has been fixed in CVS so you can grab a snapshot if you've already upgraded to PHP 5.2.7, if not then hold out for PHP 5.2.8 which should appear early next week. If magic_quotes_gpc doesn’t matter to you and you normally run with it disabled then this doesn’t really matter. -- Please upgrade php5 to new upstream version 5.2.7 https://bugs.launchpad.net/bugs/305393 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs