Yeah, I took a quick look through the code as well after I saw this.   
Normally I try to watch for this but I must have been sloppy.

Thanks,

-shire

On Mar 25, 2008, at 3:09 AM, Rasmus Lerdorf wrote:
> Ok, packaging up 3.0.17 now.
>
> I should have been paying more attention to strcpy-related issues.   
> The patch that caused this was:
>
> http://cvs.php.net/viewvc.cgi/pecl/apc/apc.c? 
> sortby=date&view=diff&r1=3.12&r2=3.13
>
> Just remember to always use strlcpy instead of strcpy.  Grepping  
> through the code there are no other strcpy() calls, so I think we  
> are ok now.
>
> -Rasmus
>
> Brian Shire wrote:
>> Nothing from me....
>> Thanks,
>> -shire
>> On Mar 24, 2008, at 10:45 PM, Rasmus Lerdorf wrote:
>>> Anyone have anything they want to squeeze into 3.0.17?
>>> We need a quick release to address CVE-2008-1488
>>>
>>> -Rasmus
>>>
>>> -- 
>>> APC Development Mailing List (http://pecl.php.net/APC)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>