diff options
author | Christoph M. Becker <cmbecker69@gmx.de> | 2020-01-21 11:31:14 +0100 |
---|---|---|
committer | Christoph M. Becker <cmbecker69@gmx.de> | 2020-01-21 11:31:14 +0100 |
commit | b67fc51859c00e884d96208cc55e076a3aea8f89 (patch) | |
tree | 2e728bdf98509f7c2b11d6703497f917357bedf6 | |
parent | 25ec7eb3463f34a2be666c6785d1c6b3cc89575e (diff) | |
download | php-git-b67fc51859c00e884d96208cc55e076a3aea8f89.tar.gz |
Update NEWS wrt. sec fixes
-rw-r--r-- | NEWS | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -48,6 +48,10 @@ PHP NEWS - Libxml: . Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). (Laruence) +- Mbstring: + . Fixed bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`). + (CVE-2020-7060) (Nikita) + - OPcache: . Fixed bug #79040 (Warning Opcode handlers are unusable due to ASLR). (cmb) @@ -63,10 +67,14 @@ PHP NEWS . Fixed bug #78982 (pdo_pgsql returns dead persistent connection). (SATŌ Kentarō) +- Session: + . Fixed bug #79091 (heap use-after-free in session_create_id()). (cmb, Nikita) + - Shmop: . Fixed bug #78538 (shmop memory leak). (cmb) - Standard: + . Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059). (cmb) . Fixed bug #54298 (Using empty additional_headers adding extraneous CRLF). (cmb) |