archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 13:38:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Update NEWS wrt. sec fixes

Browse source
This commit is contained in:
Christoph M. Becker 2020-01-21 11:31:14 +01:00
parent 25ec7eb346
commit b67fc51859
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
NEWS
View file

@ -48,6 +48,10 @@ PHP NEWS
- Libxml: - Libxml:
. Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). (Laruence) . Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). (Laruence)
- Mbstring:
. Fixed bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`).
(CVE-2020-7060) (Nikita)
- OPcache: - OPcache:
. Fixed bug #79040 (Warning Opcode handlers are unusable due to ASLR). (cmb) . Fixed bug #79040 (Warning Opcode handlers are unusable due to ASLR). (cmb)
@ -63,10 +67,14 @@ PHP NEWS
. Fixed bug #78982 (pdo_pgsql returns dead persistent connection). (SATŌ . Fixed bug #78982 (pdo_pgsql returns dead persistent connection). (SATŌ
Kentarō) Kentarō)
- Session:
. Fixed bug #79091 (heap use-after-free in session_create_id()). (cmb, Nikita)
- Shmop: - Shmop:
. Fixed bug #78538 (shmop memory leak). (cmb) . Fixed bug #78538 (shmop memory leak). (cmb)
- Standard: - Standard:
. Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059). (cmb)
. Fixed bug #54298 (Using empty additional_headers adding extraneous CRLF). . Fixed bug #54298 (Using empty additional_headers adding extraneous CRLF).
(cmb) (cmb)