From 56de1e6c531301950c6d5e4458c61057f16f7df9 Mon Sep 17 00:00:00 2001 From: Derick Rethans Date: Tue, 21 Jan 2020 11:33:51 +0000 Subject: Update NEWS --- NEWS | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/NEWS b/NEWS index fa914dd680..9f95191bbc 100644 --- a/NEWS +++ b/NEWS @@ -45,6 +45,10 @@ PHP NEWS - Libxml: . Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). (Laruence) +- Mbstring: + . Fixed bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`). + (CVE-2020-7060) (Nikita) + - OPcache: . Fixed bug #78961 (erroneous optimization of re-assigned $GLOBALS). (Dmitry) . Fixed bug #78950 (Preloading trait method with static variables). (Nikita) @@ -69,6 +73,8 @@ PHP NEWS Kentarō) - Session: + . Fixed bug #79091 (heap use-after-free in session_create_id()). (cmb, + Nikita) . Fixed bug #79031 (Session unserialization problem). (Nikita) - Shmop: @@ -82,6 +88,7 @@ PHP NEWS . Fixed bug #78976 (SplFileObject::fputcsv returns -1 on failure). (cmb) - Standard: + . Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059). (cmb) . Fixed bug #79000 (Non-blocking socket stream reports EAGAIN as error). (Nikita) . Fixed bug #54298 (Using empty additional_headers adding extraneous CRLF). -- cgit v1.2.1