diff options
author | Derick Rethans <derick@php.net> | 2007-04-11 06:11:51 +0000 |
---|---|---|
committer | Derick Rethans <derick@php.net> | 2007-04-11 06:11:51 +0000 |
commit | e31766df10715f35742b059a40a2345ff2848e7a (patch) | |
tree | 7493b577179ad07bad0a6d1b9bbffb65c0d53c4f | |
parent | d3deda3ea201f0a7d396e6055be70f0abc839bd5 (diff) | |
download | php-git-e31766df10715f35742b059a40a2345ff2848e7a.tar.gz |
- 4.4.7RC1.
-rw-r--r-- | NEWS | 30 | ||||
-rw-r--r-- | configure.in | 2 | ||||
-rw-r--r-- | main/php_version.h | 4 |
3 files changed, 18 insertions, 18 deletions
@@ -1,27 +1,27 @@ PHP 4 NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? 2007, Version 4.4.7 -- Fixed MOPB-33-2007 PHP mail() Message ASCIIZ Byte Truncation. (Ilia) -- Fixed CRLF injection inside ftp_putcmd(). (Ilia) +11 Apr 2007, Version 4.4.7RC1 +- Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) -- Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the - compress.bzip2 wraper. (Ilia) -- Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. +- Fixed MOPB-26-2007 (mb_parse_str() can be used to activate + register_globals). (Ilia) +- Fixed MOPB-24-2007 (Fixed unallocated memory access/double free in in + array_user_key_compare()). (Stas) +- Fixed MOPB-22-2007 (PHP session_regenerate_id() Double Free Vulnerability). (Ilia) -- Fixed MOPB-26-2007 mb_parse_str() can be used to activate - register_globals. (Ilia) -- Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) -- Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf - function) (Kees Cook, Pierre) +- Fixed MOPB-21-2007 (An open_basedir/safe_mode bypass inside the + compress.bzip2 wraper). (Ilia) +- Fixed MOPB-8-2007 (XSS in phpinfo()). (Joe Orton, Stas) +- Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre) +- Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf + function). (Kees Cook, Pierre) - Fixed bug #40998 (long session array keys are truncated). (Tony) - Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony) -- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused +- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused handle). (Tony) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) -- Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) -- Fixed unallocated memory access/double free in in array_user_key_compare() - (MOPB-24 by Stefan Esser) (Stas) +- Fixed CRLF injection inside ftp_putcmd(). (Ilia) 28 Feb 2007, Version 4.4.6 diff --git a/configure.in b/configure.in index 76b06d49a0..5dd79a9c67 100644 --- a/configure.in +++ b/configure.in @@ -38,7 +38,7 @@ AC_CONFIG_HEADER(main/php_config.h) MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=7 -EXTRA_VERSION="-dev" +EXTRA_VERSION="RC1" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context diff --git a/main/php_version.h b/main/php_version.h index e51edf189f..f091c150eb 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 7 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "4.4.7-dev" +#define PHP_EXTRA_VERSION "RC1" +#define PHP_VERSION "4.4.7RC1" |