- Add lost entries

author: Johannes Schlüter <johannes@php.net> 2010-07-21 14:19:59 +0000
committer: Johannes Schlüter <johannes@php.net> 2010-07-21 14:19:59 +0000
commit: 95fb5ed9f2cf1823055efb99b32701f0b847821b (patch)
tree: ebd246a9e62c0e1ac5bb663f0dd43ff559b5b3b6
parent: c863f476a5063b7e32c5ab0e519170441a1fbb92 (diff)
download: php-git-95fb5ed9f2cf1823055efb99b32701f0b847821b.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 0dffdd0345..e346e1662c 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,12 @@ PHP                                                                        NEWS
 
 - Rewrote var_export() to use smart_str rather than output buffering, prevents
   data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
+- Fixed a possible interruption array leak in strrchr(). Reported by
+  Péter Veres. (CVE-2010-2484) (Felipe)
+- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
+  chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
+- Fixed a possible memory corruption in substr_replace() (Dmitry)
+- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
 - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
   Esser (Ilia)
 - Reset error state in PDO::beginTransaction() reset error state. (Ilia)
author	Johannes Schlüter <johannes@php.net>	2010-07-21 14:19:59 +0000
committer	Johannes Schlüter <johannes@php.net>	2010-07-21 14:19:59 +0000
commit	95fb5ed9f2cf1823055efb99b32701f0b847821b (patch)
tree	ebd246a9e62c0e1ac5bb663f0dd43ff559b5b3b6
parent	c863f476a5063b7e32c5ab0e519170441a1fbb92 (diff)
download	php-git-95fb5ed9f2cf1823055efb99b32701f0b847821b.tar.gz