Commit: a4e3c7bb95dba2952f7aff77c7b4cd05ffb8dd3e Author: Lior Kaplan <[email protected]> Mon, 15 Jan 2018 16:25:08 +0200 Parents: b1497fe298f077e82d5b1a5024949abddc22b618 Branches: master
Link: http://git.php.net/?p=web/php.git;a=commitdiff;h=a4e3c7bb95dba2952f7aff77c7b4cd05ffb8dd3e Log: Add CVE ID to bug #74103 (PHP 7.0.23, 7.1.9 and 7.2.0) Bugs: https://bugs.php.net/74103 Changed paths: M ChangeLog-7.php Diff: diff --git a/ChangeLog-7.php b/ChangeLog-7.php index 6ed0bf5..d330d62 100644 --- a/ChangeLog-7.php +++ b/ChangeLog-7.php @@ -411,7 +411,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change <li><?php bugfix(74737); ?> (mysqli_get_client_info reflection info).</li> <li>Add support for extension name as argument to dl().</li> <li><?php bugfix(74851); ?> (uniqid() without more_entropy performs badly).</li> - <li><?php bugfix(74103); ?> (heap-use-after-free when unserializing invalid array size).</li> + <li><?php bugfix(74103); ?> (heap-use-after-free when unserializing invalid array size). (CVE-2017-12932)</li> <li><?php bugfix(75054); ?> (A Denial of Service Vulnerability was found when performing deserialization).</li> <li><?php bugfix(75170); ?> (mt_rand() bias on 64-bit machines).</li> <li><?php bugfix(75221); ?> (Argon2i always throws NUL at the end).</li> @@ -857,7 +857,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change <li>Standard: <ul> <li><?php bugfix(75075); ?> (unpack with X* causes infinity loop).</li> - <li><?php bugfix(74103); ?> (heap-use-after-free when unserializing invalid array size).</li> + <li><?php bugfix(74103); ?> (heap-use-after-free when unserializing invalid array size). (CVE-2017-12932)</li> <li><?php bugfix(75054); ?> (A Denial of Service Vulnerability was found when performing deserialization).</li> </ul></li> <li>WDDX: @@ -933,7 +933,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change <li>Standard: <ul> <li><?php bugfix(75075); ?> (unpack with X* causes infinity loop).</li> - <li><?php bugfix(74103); ?> (heap-use-after-free when unserializing invalid array size).</li> + <li><?php bugfix(74103); ?> (heap-use-after-free when unserializing invalid array size). (CVE-2017-12932)</li> <li><?php bugfix(75054); ?> (A Denial of Service Vulnerability was found when performing deserialization).</li> </ul></li> <li>WDDX: -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
