diff options
author | Julien Pauli <jpauli@php.net> | 2014-03-05 11:08:11 +0100 |
---|---|---|
committer | Julien Pauli <jpauli@php.net> | 2014-03-05 11:08:11 +0100 |
commit | eb63f8c2a66906a617d94667f0b54f1544ac93d9 (patch) | |
tree | 4772c6897a8cc5b515056bdcc3395ca1221b4b1a | |
parent | 0880851f004ba8ad793b9fb68e3ee6755245a0ba (diff) | |
download | php-git-eb63f8c2a66906a617d94667f0b54f1544ac93d9.tar.gz |
NEWS for cherry-picked CVE patches
-rw-r--r-- | NEWS | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -1,6 +1,6 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -20 Fev 2014, PHP 5.5.10RC1 +06 Mar 2014, PHP 5.5.10 - Core: . Fixed Request #66574i (Allow multiple paths in php_ini_scanned_path). (Remi) @@ -10,7 +10,12 @@ PHP NEWS per offset too). (Derick) - Fileinfo: - . Bug #66731 (file: infinite recursion) (CVE-2014-1943). (Remi) + . Fixed bug #66731 (file: infinite recursion) (CVE-2014-1943). (Remi) + . Fixed bug #66820 (out-of-bounds memory access in fileinfo). (Remi) + +- GD: + . Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer + CVE-2013-7327). (Tomas Hoger, Remi) - JSON: . Fixed bug #65753 (JsonSerializeable couldn't implement on module extension) |