Updated NEWS to reflect imported commits

author: Julien Pauli <jpauli@php.net> 2014-05-28 10:37:29 +0200
committer: Julien Pauli <jpauli@php.net> 2014-05-28 10:37:29 +0200
commit: 432c063b3e8c47ffe3d8188b0244a1020e71350c (patch)
tree: b71b9df46ec45078fcf1fdbadd272d42c8ea3676
parent: cddf2c5dcd5ee23bd175826889d25de52c97b119 (diff)
download: php-git-432c063b3e8c47ffe3d8188b0244a1020e71350c.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 01329d3953..4b5af3aacd 100644
--- a/NEWS
+++ b/NEWS
@@ -15,6 +15,7 @@ PHP                                                                        NEWS
   . Fixed bug #67245 (usage of memcpy() with overlapping src and dst in
     zend_exceptions.c). (Bob)
   . Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas)
+  . Fixed bug #67249 (printf out-of-bounds read). (Stas)
   . Fixed bug #67250 (iptcparse out-of-bounds read). (Stas)
   . Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas)
 
@@ -32,6 +33,9 @@ PHP                                                                        NEWS
 
 - Fileinfo:
   . Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
+  . Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS) (CVE-2014-0238).
+  . Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in
+    performance degradation) (CVE-2014-0237).
 
 - FPM:
   . Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
author	Julien Pauli <jpauli@php.net>	2014-05-28 10:37:29 +0200
committer	Julien Pauli <jpauli@php.net>	2014-05-28 10:37:29 +0200
commit	432c063b3e8c47ffe3d8188b0244a1020e71350c (patch)
tree	b71b9df46ec45078fcf1fdbadd272d42c8ea3676
parent	cddf2c5dcd5ee23bd175826889d25de52c97b119 (diff)
download	php-git-432c063b3e8c47ffe3d8188b0244a1020e71350c.tar.gz