Commit: 3ea951dadadbced0c5000a927272b594df85d646 Author: Lior Kaplan <kaplanl...@gmail.com> Mon, 15 Jan 2018 16:27:41 +0200 Parents: a4e3c7bb95dba2952f7aff77c7b4cd05ffb8dd3e Branches: master
Link: http://git.php.net/?p=web/php.git;a=commitdiff;h=3ea951dadadbced0c5000a927272b594df85d646 Log: Add CVE ID to bug #74603 (PHP 5.6.31, 7.0.21 and 7.1.7) Bugs: https://bugs.php.net/74603 Changed paths: M ChangeLog-5.php M ChangeLog-7.php Diff: diff --git a/ChangeLog-5.php b/ChangeLog-5.php index c273423..c0b811a 100644 --- a/ChangeLog-5.php +++ b/ChangeLog-5.php @@ -47,7 +47,7 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change <ul> <li><?php bugfix(73807); ?> (Performance problem with processing large post request). (CVE-2017-11142)</li> <li><?php bugfix(74111); ?> (Heap buffer overread (READ: 1) finish_nested_data from unserialize). (CVE-2017-12933)</li> - <li><?php bugfix(74603); ?> (PHP INI Parsing Stack Buffer Overflow Vulnerability).</li> + <li><?php bugfix(74603); ?> (PHP INI Parsing Stack Buffer Overflow Vulnerability). (CVE-2017-11628)</li> <li><?php bugfix(74819); ?> (wddx_deserialize() heap out-of-bound read via php_parse_date()). (CVE-2017-11145)</li> </ul></li> <li>GD: diff --git a/ChangeLog-7.php b/ChangeLog-7.php index d330d62..d757e2e 100644 --- a/ChangeLog-7.php +++ b/ChangeLog-7.php @@ -1058,7 +1058,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change <li><?php bugfix(74738); ?> (Multiple [PATH=] and [HOST=] sections not properly parsed).</li> <li><?php bugfix(74658); ?> (Undefined constants in array properties result in broken properties).</li> <li>Fixed misparsing of abstract unix domain socket names.</li> - <li><?php bugfix(74603); ?> (PHP INI Parsing Stack Buffer Overflow Vulnerability).</li> + <li><?php bugfix(74603); ?> (PHP INI Parsing Stack Buffer Overflow Vulnerability). (CVE-2017-11628)</li> <li><?php bugfix(74101); ?> (Unserialize Heap Use-After-Free (READ: 1) in zval_get_type). (CVE-2017-12934)</li> <li><?php bugfix(74111); ?> (Heap buffer overread (READ: 1) finish_nested_data from unserialize). (CVE-2017-12933)</li> <li><?php bugfix(74819); ?> (wddx_deserialize() heap out-of-bound read via php_parse_date()). (CVE-2017-11145)</li> @@ -1140,7 +1140,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change <li>Fixed misparsing of abstract unix domain socket names.</li> <li><?php bugfix(74101); ?> (Unserialize Heap Use-After-Free (READ: 1) in zval_get_type). (CVE-2017-12934)</li> <li><?php bugfix(74111); ?> (Heap buffer overread (READ: 1) finish_nested_data from unserialize). (CVE-2017-12933)</li> - <li><?php bugfix(74603); ?> (PHP INI Parsing Stack Buffer Overflow Vulnerability).</li> + <li><?php bugfix(74603); ?> (PHP INI Parsing Stack Buffer Overflow Vulnerability). (CVE-2017-11628)</li> <li><?php bugfix(74819); ?> (wddx_deserialize() heap out-of-bound read via php_parse_date()). (CVE-2017-11145)</li> </ul></li> <li>DOM: -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php