update NEWS

author: Stanislav Malyshev <stas@php.net> 2015-05-12 12:17:54 -0700
committer: Stanislav Malyshev <stas@php.net> 2015-05-12 12:17:54 -0700
commit: 2f83797a0c884342377c79183863bec87e04d8ab (patch)
tree: 3a8d01f6d74b10346d552ca5df67284f184c1f5e
parent: 9c0813fd48023634f6ce97e66de0fb9b7c196cda (diff)
download: php-git-2f83797a0c884342377c79183863bec87e04d8ab.tar.gz
1 files changed, 21 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 811f66ddf5..e7d2c66e5a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,10 +1,30 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? 2015 PHP 5.4.41
+?? ??? 2015 PHP 5.4.42
+
+14 May 2015 PHP 5.4.41
+
+- Core: 
+  . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
+  . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). 
+    (Stas)
+  . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
+  . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
+  
+- FTP:
+  . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
+    overflow). (Stas)
+
+- PCNTL:
+  . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
 
 - PCRE
   . Upgraded pcrelib to 8.37.
 
+- Phar:
+  . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename
+    starts with null). (Stas)
+
 16 Apr 2015 PHP 5.4.40
 
 - Apache2handler:
author	Stanislav Malyshev <stas@php.net>	2015-05-12 12:17:54 -0700
committer	Stanislav Malyshev <stas@php.net>	2015-05-12 12:17:54 -0700
commit	2f83797a0c884342377c79183863bec87e04d8ab (patch)
tree	3a8d01f6d74b10346d552ca5df67284f184c1f5e
parent	9c0813fd48023634f6ce97e66de0fb9b7c196cda (diff)
download	php-git-2f83797a0c884342377c79183863bec87e04d8ab.tar.gz