move CVE to the right version

author: Remi Collet <remi@php.net> 2015-01-22 13:06:15 +0100
committer: Remi Collet <remi@php.net> 2015-01-22 13:06:15 +0100
commit: 2955993947c9533ec1fc9e34bcea401f2b61e07b (patch)
tree: 090fea3e4b750b26f112dc9292af5e9f654b7357
parent: 43652d386a753c0a280790525e3593ecb416793c (diff)
download: php-git-2955993947c9533ec1fc9e34bcea401f2b61e07b.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 5d8a1f99e8..d904fcb969 100644
--- a/NEWS
+++ b/NEWS
@@ -41,8 +41,6 @@ PHP                                                                        NEWS
   . Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR
     correctly). (Ferenc)
   . Fixed bug #68583 (Crash in timeout thread). (Anatol)
-  . Fixed bug #68594 (Use after free vulnerability in unserialize()).
-    (CVE-2014-8142) (Stefan Esser)
   . Fixed bug #68676 (Explicit Double Free). (Kalle)
   . Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()).
     (CVE-2015-0231) (Stefan Esser)
@@ -127,6 +125,8 @@ PHP                                                                        NEWS
     triggered). (Julien)
   . Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence)
   . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
+  . Fixed bug #68594 (Use after free vulnerability in unserialize()).
+    (CVE-2014-8142) (Stefan Esser)
 
 - Date:
   . Fixed day_of_week function as it could sometimes return negative values
author	Remi Collet <remi@php.net>	2015-01-22 13:06:15 +0100
committer	Remi Collet <remi@php.net>	2015-01-22 13:06:15 +0100
commit	2955993947c9533ec1fc9e34bcea401f2b61e07b (patch)
tree	090fea3e4b750b26f112dc9292af5e9f654b7357
parent	43652d386a753c0a280790525e3593ecb416793c (diff)
download	php-git-2955993947c9533ec1fc9e34bcea401f2b61e07b.tar.gz