diff options
| -rw-r--r-- | NEWS | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -5,7 +5,8 @@ - Core: . Fixed bug #65593 (Segfault when calling ob_start from output buffering callback). (Mike) - . Added NULL byte protection to exec, system and passthru. (Yasuo) + . Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file + not validated in memory.c). (nayana at ddproperty dot com) - ODBC: . Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol) @@ -31,8 +32,6 @@ - Core: . Removed support for multi-line headers, as the are deprecated by RFC 7230. (Stas) - . Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file - not validated in memory.c). (nayana at ddproperty dot com) . Fixed bug #67068 (getClosure returns somethings that's not a closure). (Danack at basereality dot com) . Fixed bug #68942 (Use after free vulnerability in unserialize() with @@ -41,6 +40,7 @@ buffer overflow). (Stas) . Fixed Bug #67988 (htmlspecialchars() does not respect default_charset specified by ini_set) (Yasuo) + . Added NULL byte protection to exec, system and passthru. (Yasuo) - Dba: . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info) |