iliaa Thu Nov 27 17:29:21 2008 UTC
Modified files: (Branch: PHP_5_2)
/php-src NEWS
Log:
Updated NEWS file with CVE #s
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1335&r2=1.2027.2.547.2.1336&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1335 php-src/NEWS:1.2027.2.547.2.1336
--- php-src/NEWS:1.2027.2.547.2.1335 Thu Nov 27 17:01:29 2008
+++ php-src/NEWS Thu Nov 27 17:29:20 2008
@@ -1,7 +1,11 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? Nov 2008, PHP 5.2.7
-- Upgraded PCRE to version 7.8 (Ilia)
+- Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371) (Ilia)
+
+- Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). (Pierre)
+- Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). (Laurent
+ Gaffie)
- Fixed memory leak inside readline_callback_handler_remove() function.
(Felipe)
- Fixed bug #46696 (cURL fails in upload files with specified content-type).
@@ -142,7 +146,7 @@
pgsql). (Felipe)
- Fixed bug #43723 (SOAP not sent properly from client for <choice>). (Dmitry)
- Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer
- overflow). (Dmitry)
+ overflow). (Fixes CVE-2008-2829) (Dmitry)
- Fixed bug #42078 (pg_meta_data mix tables metadata from different schemas).
(Felipe)
- Fixed bug #37100 (data is returned truncated with BINARY CURSOR). (Tony)
@@ -249,7 +253,7 @@
- Fixed bug #45178 (memory corruption on assignment result of "new" by
reference). (Dmitry)
- Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).
- (Dmitry)
+ (Fixes CVE-2008-3660) (Dmitry)
- Fixed bug #45139 (ReflectionProperty returns incorrect declaring class).
(Felipe)
- Fixed bug #45124 ($_FILES['upload']['size'] sometimes return zero and
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
