diff options
author | Stanislav Malyshev <stas@php.net> | 2020-09-29 10:13:38 -0700 |
---|---|---|
committer | Stanislav Malyshev <stas@php.net> | 2020-09-29 10:13:38 -0700 |
commit | f20a2b4f3c25fba1769da5a2d35f44a492ed7f1f (patch) | |
tree | 26445d16039ca22181b3bec612884a410a850719 /NEWS | |
parent | 5c8b02fdd6d85c8a9ae96ed3485425f646aac857 (diff) | |
download | php-git-f20a2b4f3c25fba1769da5a2d35f44a492ed7f1f.tar.gz |
[ci skip] Add 7.4.11 security fixes to NEWS
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -47,6 +47,8 @@ PHP NEWS . Fixed bug #80048 (Bug #69100 has not been fixed for Windows). (cmb) . Fixed bug #80049 (Memleak when coercing integers to string via variadic argument). (Nikita) + . Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-` + cookies can be sent). (CVE-2020-7070) (Stas) - Calendar: . Fixed bug #80007 (Potential type confusion in unixtojd() parameter parsing). @@ -63,6 +65,10 @@ PHP NEWS . Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode handlers changed). (SammyK) +- OpenSSL: + . Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 + bytes IV). (CVE-2020-7069) (Jakub Zelenka) + - PDO: . Fixed bug #80027 (Terrible performance using $query->fetch on queries with many bind parameters (Matteo) |