Commit: 45bcdc2db84384ddd4944d6c6cc8781127343e58 Author: Lior Kaplan <[email protected]> Thu, 11 Feb 2016 15:00:15 +0200 Parents: 49442f5c0819f6113a64e3a570c772a75584a897 Branches: master
Link: http://git.php.net/?p=web/php.git;a=commitdiff;h=45bcdc2db84384ddd4944d6c6cc8781127343e58 Log: Add CVE for #69353 (PHP 5.4.40, 5.5.24, 5.6.8) Bugs: https://bugs.php.net/69353 Changed paths: M ChangeLog-5.php Diff: diff --git a/ChangeLog-5.php b/ChangeLog-5.php index 333c4c2..1708763 100644 --- a/ChangeLog-5.php +++ b/ChangeLog-5.php @@ -991,7 +991,7 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change <li><?php bugfix(69212); ?> (Leaking VIA_HANDLER func when exception thrown in __call/... arg passing).</li> <li><?php bugfix(69221); ?> (Segmentation fault when using a generator in combination with an Iterator).</li> <li><?php bugfix(69337); ?> (php_stream_url_wrap_http_ex() type-confusion vulnerability).</li> - <li><?php bugfix(69353); ?> (Missing null byte checks for paths in various PHP extensions).</li> + <li><?php bugfix(69353); ?> (Missing null byte checks for paths in various PHP extensions). (CVE-2015-3411, CVE-2015-3412)</li> </ul></li> <li>Apache2handler: <ul> @@ -1090,7 +1090,7 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change <li><?php bugfix(69212); ?> (Leaking VIA_HANDLER func when exception thrown in __call/... arg passing).</li> <li><?php bugfix(69221); ?> (Segmentation fault when using a generator in combination with an Iterator).</li> <li><?php bugfix(69337); ?> (php_stream_url_wrap_http_ex() type-confusion vulnerability).</li> - <li><?php bugfix(69353); ?> (Missing null byte checks for paths in various PHP extensions).</li> + <li><?php bugfix(69353); ?> (Missing null byte checks for paths in various PHP extensions). (CVE-2015-3411, CVE-2015-3412)</li> </ul></li> <li>cURL: <ul> @@ -1180,7 +1180,7 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change <ul> <li>Additional fix for bug <?php bugl(69152); ?> (Type confusion vulnerability in exception::getTraceAsString).</li> <li><?php bugfix(69337); ?> (php_stream_url_wrap_http_ex() type-confusion vulnerability).</li> - <li><?php bugfix(69353); ?> (Missing null byte checks for paths in various PHP extensions).</li> + <li><?php bugfix(69353); ?> (Missing null byte checks for paths in various PHP extensions). (CVE-2015-3411, CVE-2015-3412)</li> </ul></li> <li>cURL: <ul> -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
