Commit: 8f79d2a5951a2fb70e1ac6417f1c2751abf36c22 Author: Lior Kaplan <[email protected]> Mon, 10 Aug 2015 11:56:28 +0300 Parents: e1361c738ebba5f23f13e38956bce3de4bd8cbf1 Branches: master
Link: http://git.php.net/?p=web/php.git;a=commitdiff;h=8f79d2a5951a2fb70e1ac6417f1c2751abf36c22 Log: Add CVE for #69958 and #69923 (PHP 5.5.43, 5.5.27, 5.6.11) Bugs: https://bugs.php.net/69958 https://bugs.php.net/69923 Changed paths: M ChangeLog-5.php Diff: diff --git a/ChangeLog-5.php b/ChangeLog-5.php index 8cb0612..8ccce7c 100644 --- a/ChangeLog-5.php +++ b/ChangeLog-5.php @@ -175,6 +175,11 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change <li><?php bugfix(69362); ?> (PDO-pgsql fails to connect if password contains a leading single quote).</li> <li><?php bugfix(69344); ?> (PDO PgSQL Incorrect binding numeric array with gaps).</li> </ul></li> +<li>Phar: +<ul> + <li><?php bugfix(69958); ?> (Segfault in Phar::convertToData on invalid file). (CVE-2015-5589)</li> + <li><?php bugfix(69923); ?> (Buffer overflow and stack smashing error in phar_fix_filepath). (CVE-2015-5590)</li> +</ul></li> <li>SimpleXML: <ul> <li>Refactored the fix for bug <?php bugl(66084); ?> (simplexml_load_string() mangles empty node name).</li> @@ -228,8 +233,8 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change </ul></li> <li>Phar: <ul> - <li><?php bugfix(69958); ?> (Segfault in Phar::convertToData on invalid file).</li> - <li><?php bugfix(69923); ?> (Buffer overflow and stack smashing error in phar_fix_filepath).</li> + <li><?php bugfix(69958); ?> (Segfault in Phar::convertToData on invalid file). (CVE-2015-5589)</li> + <li><?php bugfix(69923); ?> (Buffer overflow and stack smashing error in phar_fix_filepath). (CVE-2015-5590)</li> </ul></li> <li>SimpleXML: <ul> @@ -257,8 +262,8 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change </ul></li> <li>Phar: <ul> - <li><?php bugfix(69958); ?> (Segfault in Phar::convertToData on invalid file).</li> - <li><?php bugfix(69923); ?> (Buffer overflow and stack smashing error in phar_fix_filepath).</li> + <li><?php bugfix(69958); ?> (Segfault in Phar::convertToData on invalid file). (CVE-2015-5589)</li> + <li><?php bugfix(69923); ?> (Buffer overflow and stack smashing error in phar_fix_filepath). (CVE-2015-5590)</li> </ul></li> </ul> <!-- }}} --></section> -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
