pajoye Tue, 28 Sep 2010 13:30:30 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=303826
Log:
- Fixed possible flaw in open_basedir (CVE-2010-3436)
Changed paths:
U php/php-src/branches/PHP_5_3/NEWS
Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS 2010-09-28 13:30:20 UTC (rev 303825)
+++ php/php-src/branches/PHP_5_3/NEWS 2010-09-28 13:30:30 UTC (rev 303826)
@@ -13,8 +13,9 @@
- Implemented symbolic links support for open_basedir checks. (Pierre)
- Implemented FR #51804, SplFileInfo::getLinkTarget on Windows. (Pierre)
+- Fixed possible flaw in open_basedir (CVE-2010-3436). (Pierre)
+- Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). (Pierre)
- Fixed symbolic resolution support when the target is a DFS share. (Pierre)
-- Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). (Pierre)
- Changed deprecated ini options on startup from E_WARNING to E_DEPRECATED.
(Kalle)
- Changed the $context parameter on copy() to actually have an effect. (Kalle)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
