summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristoph M. Becker <cmbecker69@gmx.de>2019-07-30 09:50:18 +0200
committerChristoph M. Becker <cmbecker69@gmx.de>2019-07-30 09:51:37 +0200
commit8413df5e55735b8d40b5baeea4d2b68327103626 (patch)
treef8a99c98adbda26212d7cf420200435578a20760
parent88cc70eb947d8179f30f2bbf948c7ec39a09aa1c (diff)
parentef439abd46aa14eb7d0e2ef3f4bd552ce8c3f6ee (diff)
downloadphp-git-8413df5e55735b8d40b5baeea4d2b68327103626.tar.gz
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3: Add security related NEWS entries [ci skip]
Diffstat
-rw-r--r--NEWS10
1 files changed, 10 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 662d3424fe..85510c54bc 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,10 @@ PHP NEWS
- Exif:
. Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and
invalid cast). (Nikita)
+ . Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment).
+ (CVE-2019-11042) (Stas)
+ . Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail).
+ (CVE-2019-11041) (Stas)
- Iconv:
. Fixed bug #78342 (Bus error in configure test for iconv //IGNORE). (Rainer
@@ -18,6 +22,12 @@ PHP NEWS
- Opcache:
. Fixed bug #78341 (Failure to detect smart branch in DFA pass). (Nikita)
+- PCRE:
+ . Fixed bug #78338 (Array cross-border reading in PCRE). (cmb)
+
+- Phar:
+ . Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN). (cmb)
+
- Standard:
. Fixed bug #78326 (improper memory deallocation on stream_get_contents()
with fixed length buffer). (Albert Casademont)
View Lorry Controller Status