From: Stanislav Malyshev <stas@php.net>
Date: Sun, 6 Jan 2019 21:11:55 +0000 (-0800)
Subject: Add NEWS
X-Git-Tag: php-7.3.2RC1~49
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1b7c599a024abf9bcd99147b93bd550c06fbad72;p=php

Add NEWS
---

diff --git a/NEWS b/NEWS
index eec10f3ef1..b398c8a0cf 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,7 @@ PHP                                                                        NEWS
 ?? ??? ????, PHP 7.3.2
 
 - Core:
+  . Fixed bug #77369 (memcpy with negative length via crafted DNS response). (Stas)
   . Fixed bug #77387 (Recursion detection broken when printing GLOBALS).
     (Laruence)
   . Fixed bug #77376 ("undefined function" message no longer includes
@@ -18,8 +19,22 @@ PHP                                                                        NEWS
     application/octet-stream). (Anatol)
 
 - GD:
+  . Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to
+    use-after-free). (cmb)
+  . Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb)
   . Fixed bug #77391 (1bpp BMPs may fail to be loaded). (Romain Déoux, cmb)
 
+- Mbstring:
+  . Fixed bug #77367 (Negative size parameter in mb_split). (Stas)
+  . Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas)
+  . Fixed bug #77371 (heap buffer overflow in mb regex functions
+    - compile_string_node). (Stas)
+  . Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas)
+  . Fixed bug #77382 (heap buffer overflow due to incorrect length in
+    expand_case_fold_string). (Stas)
+  . Fixed bug #77385 (buffer overflow in fetch_token). (Stas)
+  . Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas)
+
 - MySQLnd:
   . Fixed bug #75684 (In mysqlnd_ext_plugin.h the plugin methods family has
       no external visibility). (Anatol)
@@ -35,6 +50,9 @@ PHP                                                                        NEWS
   . Fixed bug #77273 (array_walk_recursive corrupts value types leading to PDO
     failure). (Nikita)
 
+- Phar:
+  . Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas)
+
 - SOAP:
   . Fixed bug #77410 (Segmentation Fault when executing method with an empty
     parameter). (Nikita)
@@ -52,6 +70,10 @@ PHP                                                                        NEWS
 - Standard:
   . Fixed bug #77395 (segfault about array_multisort). (Laruence)
 
+- Xmlrpc:
+  . Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb)
+  . Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)
+
 03 Jan 2019, PHP 7.3.1
 
 - Core: