Re: [VOTE] RFC: Multibyte Char Handling
On Sun, Jan 26, 2014 at 1:23 AM, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:
> Hi all,
>
> This RFC is to fix CVE-2014-1239.
>
> https://wiki.php.net/rfc/multibyte_char_handling
>
> Adding required functions to mbstring and provide them
> from PHP 5.3 and up and replacing mbstring to mbstring-ng
> for future releases.
>
> Thank you for voting!
>
This RFC conflates the addition of a multibyte version of addslashes (in
response to quoted CVE) with the replacement of the mbstring extension by a
completely different implementation (and an incomplete one at that). Those
two things have very little to do with each other and should not be covered
in the same RFC and/or vote.
Nikita
Thread (20 messages)