diff options
author | Johannes Schlüter <johannes@php.net> | 2010-07-21 14:28:14 +0000 |
---|---|---|
committer | Johannes Schlüter <johannes@php.net> | 2010-07-21 14:28:14 +0000 |
commit | 7317b3d05b7b825a87d06d8ea74e2e0848b9355e (patch) | |
tree | ebd246a9e62c0e1ac5bb663f0dd43ff559b5b3b6 | |
parent | 9e10c6551eb4c2eb79de347ec5b117323a85c698 (diff) | |
parent | 95fb5ed9f2cf1823055efb99b32701f0b847821b (diff) | |
download | php-git-7317b3d05b7b825a87d06d8ea74e2e0848b9355e.tar.gz |
Retag 5.2.14 with corrected NEWSphp-5.2.14
-rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -9,6 +9,12 @@ PHP NEWS - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) +- Fixed a possible interruption array leak in strrchr(). Reported by + Péter Veres. (CVE-2010-2484) (Felipe) +- Fixed a possible interruption array leak in strchr(), strstr(), substr(), + chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe) +- Fixed a possible memory corruption in substr_replace() (Dmitry) +- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan Esser (Ilia) - Reset error state in PDO::beginTransaction() reset error state. (Ilia) |