report iconv fix

author Stanislav Malyshev <stas@php.net>

Wed, 19 Sep 2007 00:41:10 +0000 (00:41 +0000)

committer Stanislav Malyshev <stas@php.net>

Wed, 19 Sep 2007 00:41:10 +0000 (00:41 +0000)
author Stanislav Malyshev <stas@php.net>
Wed, 19 Sep 2007 00:41:10 +0000 (00:41 +0000)
committer Stanislav Malyshev <stas@php.net>
Wed, 19 Sep 2007 00:41:10 +0000 (00:41 +0000)
diff --git a/NEWS b/NEWS

index 1e722dc28783e4c17a1551d060c8cc3a09f0fe5d..89b4ae94888d9134de6919f168336427ae502e27 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,8 @@ PHP                                                                        NEWS
  - Fixed dl() to only accept filenames - reported by Laurent Gaffie. (Stas)
  - Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
    (Christian Hoffmann)
+- Fixed iconv_*() functions to limit argument sizes as workaround to libc 
+  bug (CVE-2007-4783, CVE-2007-4840). (Christian Hoffmann, Stas)
  - Fixed missing brackets leading to build warning and error in the log.
    Win32 code). (Andrey)
  - Fixed leaks with multiple connects on one mysqli object. (Andrey)
author	Stanislav Malyshev <stas@php.net>
	Wed, 19 Sep 2007 00:41:10 +0000 (00:41 +0000)
committer	Stanislav Malyshev <stas@php.net>
	Wed, 19 Sep 2007 00:41:10 +0000 (00:41 +0000)