merge NEWS entries

author: Stanislav Malyshev <stas@php.net> 2012-06-06 23:25:40 -0700
committer: Stanislav Malyshev <stas@php.net> 2012-06-06 23:25:40 -0700
commit: 4c3575fa02da6ad8bd69fb59b57b0755363e8039 (patch)
tree: 71dc4b2efdef2e627ec06f95f26a57f8c56f8aae
parent: 10d2b26a765943a5fee5e679bcea893e6c826401 (diff)
download: php-git-4c3575fa02da6ad8bd69fb59b57b0755363e8039.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 2ec08561fc..d21e44dd68 100644
--- a/NEWS
+++ b/NEWS
@@ -63,6 +63,10 @@ PHP                                                                        NEWS
 - FPM
   . Fixed bug #61812 (Uninitialised value used in libmagic). 
     (Laruence, Gustavo)
+  . Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a
+    directory descriptor under windows. (Anatoliy)
+  . Fixed bug #61566 failure caused by the posix lseek and read versions
+    under windows in cdf_read(). (Anatoliy)
 
 - Libxml:
   . Fixed bug #61617 (Libxml tests failed(ht is already destroyed)).
@@ -652,6 +656,14 @@ PHP                                                                        NEWS
   . Fixed bug #55544 (ob_gzhandler always conflicts with zlib.output_compression).
     (Mike)
 
+08 May 2012, PHP 5.3.13
+- CGI
+  . Improve fix for PHP-CGI query string parameter vulnerability, CVE-2012-2311.
+    (Stas)
+
+03 May 2012, PHP 5.3.12
+- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)
+
 26 Apr 2012, PHP 5.3.11
 
 - Core:
author	Stanislav Malyshev <stas@php.net>	2012-06-06 23:25:40 -0700
committer	Stanislav Malyshev <stas@php.net>	2012-06-06 23:25:40 -0700
commit	4c3575fa02da6ad8bd69fb59b57b0755363e8039 (patch)
tree	71dc4b2efdef2e627ec06f95f26a57f8c56f8aae
parent	10d2b26a765943a5fee5e679bcea893e6c826401 (diff)
download	php-git-4c3575fa02da6ad8bd69fb59b57b0755363e8039.tar.gz