diff options
| -rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -9,6 +9,12 @@ PHP NEWS - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) +- Fixed a possible interruption array leak in strrchr(). Reported by + Péter Veres. (CVE-2010-2484) (Felipe) +- Fixed a possible interruption array leak in strchr(), strstr(), substr(), + chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe) +- Fixed a possible memory corruption in substr_replace() (Dmitry) +- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan Esser (Ilia) - Reset error state in PDO::beginTransaction() reset error state. (Ilia) |