Update NEWS

author: Stanislav Malyshev <stas@php.net> 2017-07-04 19:30:29 -0700
committer: Stanislav Malyshev <stas@php.net> 2017-07-04 19:30:29 -0700
commit: 12107d619b4380efa8543046357af07b7733020d (patch)
tree: f8374d17e635bf87947c4effda535e5acae2b2a5
parent: f7f4fd470635c30018d7ac71ab3b848195bf8795 (diff)
download: php-git-12107d619b4380efa8543046357af07b7733020d.tar.gz
1 files changed, 17 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 877e450586..d9ca91ab0d 100644
--- a/NEWS
+++ b/NEWS
@@ -2,9 +2,25 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ?? 2017, PHP 5.6.31
 
-- Core
+- Core:
   . Fixed bug #73807 (Performance problem with processing post request over
     2000000 chars). (Nikita)
+  . Fixed bug #74111 (Heap buffer overread (READ: 1) finish_nested_data from
+    unserialize). (Nikita)
+  . Fixed bug #74603 (PHP INI Parsing Stack Buffer Overflow Vulnerability).
+    (Stas)
+  . Fixed bug #74819 (wddx_deserialize() heap out-of-bound read via 
+    php_parse_date()). (Derick)
+
+GD:
+  . Fixed bug #74435 (Buffer over-read into uninitialized memory). (cmb)
+
+OpenSSL:
+  . Fixed bug #74651 (negative-size-param (-1) in memcpy in zif_openssl_seal()).
+    (Stas)
+
+WDDX:
+   . Fixed bug #74145 (wddx parsing empty boolean tag leads to SIGSEGV). (Stas)
 
 19 Jan 2017, PHP 5.6.30
author	Stanislav Malyshev <stas@php.net>	2017-07-04 19:30:29 -0700
committer	Stanislav Malyshev <stas@php.net>	2017-07-04 19:30:29 -0700
commit	12107d619b4380efa8543046357af07b7733020d (patch)
tree	f8374d17e635bf87947c4effda535e5acae2b2a5
parent	f7f4fd470635c30018d7ac71ab3b848195bf8795 (diff)
download	php-git-12107d619b4380efa8543046357af07b7733020d.tar.gz