diff options
author | Johannes Schlüter <johannes@php.net> | 2010-07-21 14:19:59 +0000 |
---|---|---|
committer | Johannes Schlüter <johannes@php.net> | 2010-07-21 14:19:59 +0000 |
commit | 95fb5ed9f2cf1823055efb99b32701f0b847821b (patch) | |
tree | ebd246a9e62c0e1ac5bb663f0dd43ff559b5b3b6 | |
parent | c863f476a5063b7e32c5ab0e519170441a1fbb92 (diff) | |
download | php-git-95fb5ed9f2cf1823055efb99b32701f0b847821b.tar.gz |
- Add lost entries
-rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -9,6 +9,12 @@ PHP NEWS - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) +- Fixed a possible interruption array leak in strrchr(). Reported by + Péter Veres. (CVE-2010-2484) (Felipe) +- Fixed a possible interruption array leak in strchr(), strstr(), substr(), + chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe) +- Fixed a possible memory corruption in substr_replace() (Dmitry) +- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan Esser (Ilia) - Reset error state in PDO::beginTransaction() reset error state. (Ilia) |