Hi Ondřej
On Wed, Jan 04, 2017 at 03:24:22PM +0100, Ondřej Surý wrote:
> Hi,
>
> any web application that allows passing unsanitized data to
> unserialize() is doomed, so I don't really think that this requires
> immediate attention.
>
> This will get fixed in a normal security cycle with next P
Hi,
any web application that allows passing unsanitized data to
unserialize() is doomed, so I don't really think that this requires
immediate attention.
This will get fixed in a normal security cycle with next PHP release (or
I'll add the patch on top of next release).
Cheers,
--
Ondřej Surý
K
2 matches
Mail list logo