update NEWS

author Stanislav Malyshev <stas@php.net>

Wed, 9 May 2012 20:37:49 +0000 (13:37 -0700)

committer Stanislav Malyshev <stas@php.net>

Sun, 13 May 2012 02:39:12 +0000 (19:39 -0700)
author Stanislav Malyshev <stas@php.net>
Wed, 9 May 2012 20:37:49 +0000 (13:37 -0700)
committer Stanislav Malyshev <stas@php.net>
Sun, 13 May 2012 02:39:12 +0000 (19:39 -0700)
diff --git a/NEWS b/NEWS

index a87211298fee2a1991dccfb6557c6e1e8ec7521d..a4486c8cf55d43fee545f6b540062fb02d457830 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,6 @@
  PHP                                                                        NEWS
  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? 2012, PHP 5.4.2
+?? ??? 2012, PHP 5.4.4
  
  - CLI Server:
    . Implemented FR #61977 (Need CLI web-server support for files with .htm & 
@@ -51,6 +51,18 @@ PHP                                                                        NEWS
      sent when no compression). (Mike)
    . Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike)
  
+08 May 2012, PHP 5.4.3
+
+- CGI
+  . Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823.
+    (Stas)
+  . Fix bug #61807 - Buffer Overflow in apache_request_headers.
+    (nyt-php at countercultured dot net). 
+
+03 May 2012, PHP 5.4.2
+
+- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)
+
  26 Apr 2012, PHP 5.4.1
  
  - CLI Server:
author	Stanislav Malyshev <stas@php.net>
	Wed, 9 May 2012 20:37:49 +0000 (13:37 -0700)
committer	Stanislav Malyshev <stas@php.net>
	Sun, 13 May 2012 02:39:12 +0000 (19:39 -0700)