diff options
author | Remi Collet <remi@php.net> | 2019-07-30 09:26:50 +0200 |
---|---|---|
committer | Remi Collet <remi@php.net> | 2019-07-30 09:26:50 +0200 |
commit | b29ecec4efdf9d53c05a66223062971caf1594e9 (patch) | |
tree | 45b5354c474d008507705b6ce52c6b2b6981d87a | |
parent | 284fb08fdc7465db6ed550b088bc0e7d38ddac4e (diff) | |
download | php-git-b29ecec4efdf9d53c05a66223062971caf1594e9.tar.gz |
add security NEW entries + reorder [ci skip]
-rw-r--r-- | NEWS | 37 |
1 files changed, 23 insertions, 14 deletions
@@ -25,6 +25,15 @@ PHP NEWS 01 Aug 2019, PHP 7.2.21 +- Date: + . Fixed bug #69044 (discrepency between time and microtime). (krakjoe) + +- EXIF: + . Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment). + (CVE-2019-11042) (Stas) + . Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail). + (CVE-2019-11041) (Stas) + - Fileinfo: . Fixed bug #78183 (finfo_file shows wrong mime-type for .tga file). (Joshua Westerheide) @@ -32,20 +41,6 @@ PHP NEWS - FTP: . Fixed bug #77124 (FTP with SSL memory leak). (Nikita) -- PDO_Sqlite: - . Fixed bug #78192 (SegFault when reuse statement after schema has changed). - (Vincent Quatrevieux) - -- SQLite: - . Upgraded to SQLite 3.28.0. (cmb) - -- XMLRPC: - . Fixed bug #78173 (XML-RPC mutates immutable objects during encoding). - (Asher Baker) - -- Date: - . Fixed bug #69044 (discrepency between time and microtime). (krakjoe) - - Libxml: . Fixed bug #78279 (libxml_disable_entity_loader settings is shared between requests (cgi-fcgi)). (Nikita) @@ -68,14 +63,28 @@ PHP NEWS . Fixed bug #78291 (opcache_get_configuration doesn't list all directives). (Andrew Collington) +- Phar: + . Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN). (cmb) + - Phpdbg: . Fixed bug #78297 (Include unexistent file memory leak). (Nikita) +- PDO_Sqlite: + . Fixed bug #78192 (SegFault when reuse statement after schema has changed). + (Vincent Quatrevieux) + +- SQLite: + . Upgraded to SQLite 3.28.0. (cmb) + - Standard: . Fixed bug #78241 (touch() does not handle dates after 2038 in PHP 64-bit). (cmb) . Fixed bug #78269 (password_hash uses weak options for argon2). (Remi) +- XMLRPC: + . Fixed bug #78173 (XML-RPC mutates immutable objects during encoding). + (Asher Baker) + 04 Jul 2019, PHP 7.2.20 - Core: |