Add CVE IDs PHP 5.6.18

author: Lior Kaplan <kaplanlior@gmail.com> 2016-04-29 13:15:30 +0300
committer: Lior Kaplan <kaplanlior@gmail.com> 2016-04-29 13:15:30 +0300
commit: a23ae0f436b1c11fcd600f6d18a56b150aa339b5 (patch)
tree: 12c01f1c96f78fa6cf757bae33f5e5eaf4404f57
parent: b8b2dd1a4338abe4c19a9b13af2a4f94ba4e5b63 (diff)
download: php-git-a23ae0f436b1c11fcd600f6d18a56b150aa339b5.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index 799ac79547..81a9afd2fc 100644
--- a/NEWS
+++ b/NEWS
@@ -182,15 +182,19 @@ PHP                                                                        NEWS
     on the same server). (Anatol)
 
 - PCRE:
-  . Upgraded bundled PCRE library to 8.38.
+  . Upgraded bundled PCRE library to 8.38. (CVE-2015-8383, CVE-2015-8386,
+    CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393,
+    CVE-2015-8394)
 
 - Phar:
-  . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
+  . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (CVE-2016-4342)
+    (Stas)
   . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
     (CVE-2016-4343) (Stas)
   . Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
     (Stas)
-  . Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)
+  . Fixed bug #71488 (Stack overflow when decompressing tar archives).
+    (CVE-2016-2554) (Stas)
 
 - Session:
   . Fixed bug #69111 (Crash in SessionHandler::read()). (Anatol)
author	Lior Kaplan <kaplanlior@gmail.com>	2016-04-29 13:15:30 +0300
committer	Lior Kaplan <kaplanlior@gmail.com>	2016-04-29 13:15:30 +0300
commit	a23ae0f436b1c11fcd600f6d18a56b150aa339b5 (patch)
tree	12c01f1c96f78fa6cf757bae33f5e5eaf4404f57
parent	b8b2dd1a4338abe4c19a9b13af2a4f94ba4e5b63 (diff)
download	php-git-a23ae0f436b1c11fcd600f6d18a56b150aa339b5.tar.gz