add CVEs

author Stanislav Malyshev <stas@php.net>

Sun, 22 Jun 2014 01:37:08 +0000 (18:37 -0700)

committer Stanislav Malyshev <stas@php.net>

Sun, 22 Jun 2014 01:37:08 +0000 (18:37 -0700)
author Stanislav Malyshev <stas@php.net>
Sun, 22 Jun 2014 01:37:08 +0000 (18:37 -0700)
committer Stanislav Malyshev <stas@php.net>
Sun, 22 Jun 2014 01:37:08 +0000 (18:37 -0700)
diff --git a/NEWS b/NEWS

index a5eaabcd6bd0a58846c37703baa5c66367a36b7b..ce9398e586bdaf1c5773da24b40c572279ab2042 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -21,15 +21,15 @@ PHP                                                                        NEWS
  
  - Fileinfo:
    . Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary 
-    check). 
+    check). (CVE-2014-0207) 
    . Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal
-    string size). (Francisco Alonso, Jan Kaluza, Remi)
+    string size). (CVE-2014-3478) (Francisco Alonso, Jan Kaluza, Remi) 
    . Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary
-    check). (Francisco Alonso, Jan Kaluza, Remi)
+    check). (CVE-2014-3479) (Francisco Alonso, Jan Kaluza, Remi)
    . Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
-    (Francisco Alonso, Jan Kaluza, Remi)
+    (CVE-2014-3480) (Francisco Alonso, Jan Kaluza, Remi)
    . Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary
-    check). (Francisco Alonso, Jan Kaluza, Remi)
+    check). (CVE-2014-3487) (Francisco Alonso, Jan Kaluza, Remi)
  
  - Network:
    . Fixed bug #67432 (Fix potential segfault in dns_get_record()).
author	Stanislav Malyshev <stas@php.net>
	Sun, 22 Jun 2014 01:37:08 +0000 (18:37 -0700)
committer	Stanislav Malyshev <stas@php.net>
	Sun, 22 Jun 2014 01:37:08 +0000 (18:37 -0700)