Commit: a115e53b7992cac6ea2c8ae76b9638e51ac685ef Author: Lior Kaplan <kaplanl...@gmail.com> Sun, 18 Sep 2016 14:37:47 +0300 Parents: 065c9eba3c9c3a98f7bc24f6e8e03c6f5e57dabd Branches: master
Link: http://git.php.net/?p=web/php.git;a=commitdiff;h=a115e53b7992cac6ea2c8ae76b9638e51ac685ef Log: Update CVE info for PHP 7.0.11 Changed paths: M ChangeLog-7.php Diff: diff --git a/ChangeLog-7.php b/ChangeLog-7.php index 46aad2b..776da6b 100644 --- a/ChangeLog-7.php +++ b/ChangeLog-7.php @@ -50,11 +50,11 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change <li>Intl: <ul> <li><?php bugfix(65732); ?> (grapheme_*() is not Unicode compliant on CR LF sequence).</li> - <li><?php bugfix(73007); ?> (add locale length check).</li> + <li><?php bugfix(73007); ?> (add locale length check). (CVE-2016-7416)</li> </ul></li> <li>Mysqlnd: <ul> - <li><?php bugfix(72293); ?> (Heap overflow in mysqlnd related to BIT fields).</li> + <li><?php bugfix(72293); ?> (Heap overflow in mysqlnd related to BIT fields). (CVE-2016-7412)</li> </ul></li> <li>OCI8: <ul> @@ -82,7 +82,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change </ul></li> <li>Phar: <ul> - <li><?php bugfix(72928); ?> (Out of bound when verify signature of zip phar in phar_parse_zipfile).</li> + <li><?php bugfix(72928); ?> (Out of bound when verify signature of zip phar in phar_parse_zipfile). (CVE-2016-7414)</li> <li><?php bugfix(73035); ?> (Out of bound when verify signature of tar phar in phar_parse_tarfile).</li> </ul></li> <li>Reflection: @@ -101,7 +101,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change </ul></li> <li>SPL: <ul> - <li><?php bugfix(73029); ?> (Missing type check when unserializing SplArray).</li> + <li><?php bugfix(73029); ?> (Missing type check when unserializing SplArray). (CVE-2016-7417)</li> </ul></li> <li>Standard: <ul> @@ -123,16 +123,16 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change <ul> <li><?php bugfix(72858); ?> (shm_attach null dereference).</li> </ul></li> +<li>Wddx: +<ul> + <li><?php bugfix(72860); ?> (wddx_deserialize use-after-free). (CVE-2016-7413)</li> + <li><?php bugfix(73065); ?> (Out-Of-Bounds Read in php_wddx_push_element). (CVE-2016-7418)</li> +</ul></li> <li>XML: <ul> <li><?php bugfix(72085); ?> (SEGV on unknown address zif_xml_parse).</li> <li><?php bugfix(72714); ?> (_xml_startElementHandler() segmentation fault).</li> </ul></li> -<li>Wddx: -<ul> - <li><?php bugfix(72860); ?> (wddx_deserialize use-after-free).</li> - <li><?php bugfix(73065); ?> (Out-Of-Bounds Read in php_wddx_push_element).</li> -</ul></li> <li>ZIP: <ul> <li><?php bugfix(68302); ?> (impossible to compile php with zip support).</li> -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php