[PHP-CVS] com php-src: Merge branch 'PHP-5.3' into PHP-5.4: NEWS ext/standard/quot_print.c

Tue, 04 Jun 2013 22:01:51 -0700 

Commit:    efdeec3c0eb8e1bd9d14af37be6979fb46eda5df
Author:    Stanislav Malyshev <s...@php.net>         Tue, 4 Jun 2013 21:57:16 
-0700
Parents:   90bb28726bd0728059b0d58b1c063ae8ea250966 
93e0d78ec655f59ebfa82b2c6f8486c43651c1d0
Branches:  PHP-5.4 PHP-5.5

Link:       
http://git.php.net/?p=php-src.git;a=commitdiff;h=efdeec3c0eb8e1bd9d14af37be6979fb46eda5df

Log:
Merge branch 'PHP-5.3' into PHP-5.4

* PHP-5.3:
  fix CVE-2013-2110 - use correct formula to calculate string size

Changed paths:
  MM  NEWS
  MM  ext/standard/quot_print.c


Diff:
diff --cc NEWS
index 133a202,60a4035..371ec37
--- a/NEWS
+++ b/NEWS
@@@ -1,31 -1,26 +1,33 @@@
  PHP                                                                        
NEWS
  
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 -?? ??? 2013, PHP 5.3.27
 +?? ??? 2013, PHP 5.4.17
  
 -- PDO_firebird:
 -  . Fixed bug #64037 (Firebird return wrong value for numeric field).
 -    (Matheus Degiovani, Matteo)
 -  . Fixed bug #62024 (Cannot insert second row with null using parametrized
 -    query). (patch by ja...@kenjim.com, Matheus Degiovani, Matteo)
 +- FPM:
 +  . Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi)
  
 -- PDO_pgsql:
 -  . Fixed bug #64949 (Buffer overflow in _pdo_pgsql_error). (Remi)
 +- PDO_DBlib:
 +  . Fixed bug #63638 (Cannot connect to SQL Server 2008 with PDO dblib). 
 +    (Stanley Sufficool)
 +  . Fixed bug #64338 (pdo_dblib can't connect to Azure SQL). (Stanley 
 +    Sufficool)
 +  . Fixed bug #64808 (FreeTDS PDO getColumnMeta on a prepared but not 
executed 
 +    statement crashes). (Stanley Sufficool)
  
 -- pgsql:
 -  - Fixed bug #64609 (pg_convert enum type support). (Matteo)
 +- PDO_pgsql:
 +  . Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error). (Remi)
  
 -?? ??? 2013, PHP 5.3.26
  
 -### DO NOT ADD ENTRIES HERE, ADD THEM ABOVE FOR 5.3.27 ###
 +?? ??? 2013, PHP 5.4.16
  
  - Core:
-   . Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)
+   . Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,
+     CVE 2013-2110). (Stas)
++  . Fixed bug #64853 (Use of no longer available ini directives causes crash 
on
++    TS build). (Anatol)
 +  . Fixed bug #64729 (compilation failure on x32). (Gustavo)
++  . Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)
 +  . Fixed bug #64660 (Segfault on memory exhaustion within function 
definition).
 +    (Stas, reported by Juha Kylmänen)
-   . Fixed bug #64853 (Use of no longer available ini directives causes crash 
on
-     TS build). (Anatol)
  
  - Calendar:
    . Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to