diff options
author | Remi Collet <remi@php.net> | 2019-05-29 08:52:17 +0200 |
---|---|---|
committer | Remi Collet <remi@php.net> | 2019-05-29 08:52:17 +0200 |
commit | abcd793ad50981bfa35f99f8907f4ed28ef8b140 (patch) | |
tree | 7163c0090e15036f383581b6f772feb3f2fb79e4 | |
parent | 750687806d8b5a5ec88d88ecc14a422e58ad8d66 (diff) | |
download | php-git-abcd793ad50981bfa35f99f8907f4ed28ef8b140.tar.gz |
add NEWS entries for sec fix
-rw-r--r-- | NEWS | 15 |
1 files changed, 14 insertions, 1 deletions
@@ -1,6 +1,10 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -30 May 2019, PHP 7.2.19 +?? ??? ????, PHP 7.2.19 + +- EXIF: + . Fixed bug #77988 (heap-buffer-overflow on php_jpg_get16). + (CVE-2019-11040) (Stas) - FPM: . Fixed bug #77934 (php-fpm kill -USR2 not working). (Jakub Zelenka) @@ -8,6 +12,12 @@ PHP NEWS - GD: . Fixed bug #77943 (imageantialias($image, false); does not work). (cmb) + . Fixed bug #77973 (Uninitialized read in gdImageCreateFromXbm). + (CVE-2019-11038) (cmb) + +- Iconv: + . Fixed bug #78069 (Out-of-bounds read in iconv.c:_php_iconv_mime_decode() + due to integer overflow). (CVE-2019-11039). (maris dot adam) - JSON: . Fixed bug #77843 (Use after free with json serializer). (Nikita) @@ -29,6 +39,9 @@ PHP NEWS . Fixed bug #77024 (SplFileObject::__toString() may return array). (Craig Duncan) +- SQLite: + . Fixed bug #77967 (Bypassing open_basedir restrictions via file uris). (Stas) + 02 May 2019, PHP 7.2.18 - CLI: |