- update #52929 and zip NULL deref

author: Pierre Joye <pajoye@php.net> 2010-10-19 10:16:58 +0000
committer: Pierre Joye <pajoye@php.net> 2010-10-19 10:16:58 +0000
commit: ab935ee86f76c96adc0f85a36ecf7a3c1dfc8052 (patch)
tree: 895135388b3339688a563b00cfbf8eba0a212fb8
parent: 80bea6534863413d80a23fe58913b73fc8333086 (diff)
download: php-git-ab935ee86f76c96adc0f85a36ecf7a3c1dfc8052.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index e6cebce1a3..e181465421 100644
--- a/NEWS
+++ b/NEWS
@@ -4,8 +4,10 @@
 - Fixed possible flaw in open_basedir (CVE-2010-3436). (Pierre)
 - Fixed possible crash in mssql_fetch_batch(). (Kalle)
 
+- Fixed NULL pointer dereference in ZipArchive::getArchiveComment.
+  (CVE-2010-3709). (Maksymilian Arciemowicz)
 - Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
-  large amount of data). (Adam)
+  large amount of data). (CVE-2010-3709). (Adam)
 - Fixed bug #52879 (Objects unreferenced in __get, __set, __isset or __unset
   can be freed too early). (mail_ben_schmidt at yahoo dot com dot au, Dmitry)
 - Fixed bug #52772 (var_dump() doesn't check for the existence of
author	Pierre Joye <pajoye@php.net>	2010-10-19 10:16:58 +0000
committer	Pierre Joye <pajoye@php.net>	2010-10-19 10:16:58 +0000
commit	ab935ee86f76c96adc0f85a36ecf7a3c1dfc8052 (patch)
tree	895135388b3339688a563b00cfbf8eba0a212fb8
parent	80bea6534863413d80a23fe58913b73fc8333086 (diff)
download	php-git-ab935ee86f76c96adc0f85a36ecf7a3c1dfc8052.tar.gz