add NEWS entry

author: Remi Collet <remi@php.net> 2019-10-22 09:37:35 +0200
committer: Remi Collet <remi@php.net> 2019-10-22 09:37:35 +0200
commit: 2213bd36fdfccc6fa1cdf8299fdf34b64af97612 (patch)
tree: 53c0402e140f65f85f913dd75c1941a151d0a5cf
parent: 4b5cdda0c793ef4f225a82d448183044441ca2b5 (diff)
download: php-git-2213bd36fdfccc6fa1cdf8299fdf34b64af97612.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index f2a811b606..f578327393 100644
--- a/NEWS
+++ b/NEWS
@@ -38,6 +38,10 @@ PHP                                                                        NEWS
   . Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
 	(Kalle)
 
+- FPM:
+  . Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to RCE).
+    (CVE-2019-11043) (Jakub Zelenka)
+
 - MBString:
   . Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
     (cmb)
author	Remi Collet <remi@php.net>	2019-10-22 09:37:35 +0200
committer	Remi Collet <remi@php.net>	2019-10-22 09:37:35 +0200
commit	2213bd36fdfccc6fa1cdf8299fdf34b64af97612 (patch)
tree	53c0402e140f65f85f913dd75c1941a151d0a5cf
parent	4b5cdda0c793ef4f225a82d448183044441ca2b5 (diff)
download	php-git-2213bd36fdfccc6fa1cdf8299fdf34b64af97612.tar.gz