Add security bugs fixed in 5.5.18

author: Lior Kaplan <kaplanlior@gmail.com> 2015-02-11 12:02:39 +0200
committer: Lior Kaplan <kaplanlior@gmail.com> 2015-02-11 12:02:39 +0200
commit: 0d68d0a69bccc9d8a326632a63286ff8f55a4f22 (patch)
tree: 8a06378c4f20a7441206379adb82a960163d4461
parent: e06da17931e65031a85422ef0336e54df4a38b01 (diff)
download: php-git-0d68d0a69bccc9d8a326632a63286ff8f55a4f22.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 7875ab863e..4e16751941 100644
--- a/NEWS
+++ b/NEWS
@@ -265,6 +265,15 @@ PHP                                                                        NEWS
   . Fixed bug #67633 (A foreach on an array returned from a function not doing
     copy-on-write). (Nikita)
   . Fixed bug #51800 (proc_open on Windows hangs forever). (Anatol)
+  . Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)).
+    (CVE-2014-3669) (Stas)
+
+- cURL:
+  . Fixed bug #68089 (NULL byte injection - cURL lib). (Stas)
+
+- EXIF:
+  . Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
+    (Stas)
 
 - FPM:
   . Fixed bug #65641 (PHP-FPM incorrectly defines the SCRIPT_NAME variable
author	Lior Kaplan <kaplanlior@gmail.com>	2015-02-11 12:02:39 +0200
committer	Lior Kaplan <kaplanlior@gmail.com>	2015-02-11 12:02:39 +0200
commit	0d68d0a69bccc9d8a326632a63286ff8f55a4f22 (patch)
tree	8a06378c4f20a7441206379adb82a960163d4461
parent	e06da17931e65031a85422ef0336e54df4a38b01 (diff)
download	php-git-0d68d0a69bccc9d8a326632a63286ff8f55a4f22.tar.gz