From: Christoph M. Becker <cmbecker69@gmx.de>
Date: Tue, 17 Mar 2020 10:11:15 +0000 (+0100)
Subject: Merge branch 'PHP-7.3' into PHP-7.4
X-Git-Tag: php-7.4.7RC1~124
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1e63900cc0af4b8d7f1115c64197d2ea75a1b7ba;p=php

Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix NEWS
---

1e63900cc0af4b8d7f1115c64197d2ea75a1b7ba
diff --cc NEWS
index 419bc04723,2591b192ac..2f1153c709
--- a/NEWS
+++ b/NEWS
@@@ -67,11 -41,14 +53,23 @@@ PH
    . Fixed bug #79311 (enchant_dict_suggest() fails on big endian architecture).
      (cmb)
  
+ - EXIF:
+   . Fixed bug #79282 (Use-of-uninitialized-value in exif). (CVE-2020-7064)
+     (Nikita)
+ 
++- Fileinfo:
++  . Fixed bug #79283 (Segfault in libmagic patch contains a buffer
++    overflow). (cmb)
++
 +- FPM:
 +  . Fixed bug #77653 (operator displayed instead of the real error message).
 +    (Jakub Zelenka)
 +  . Fixed bug #79014 (PHP-FPM & Primary script unknown). (Jakub Zelenka)
 +
+ - MBstring:
+   . Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at 
+     php_unicode_tolower_full). (CVE-2020-7065) (cmb)
+ 
  - MySQLi:
    . Fixed bug #64032 (mysqli reports different client_version). (cmb)
  
@@@ -101,6 -67,8 +99,8 @@@
    . Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()). (cmb)
  
  - Standard:
 -  . Fixed bug #79329 (get_headers() silently truncates after a null byte). 
++  . Fixed bug #79329 (get_headers() silently truncates after a null byte).
+     (CVE-2020-7066) (cmb)
    . Fixed bug #79254 (getenv() w/o arguments not showing changes). (cmb)
    . Fixed bug #79265 (Improper injection of Host header when using fopen for
      http requests). (Miguel Xavier Penha Neto)