From: Stanislav Malyshev <stas@php.net>
Date: Tue, 12 May 2015 19:17:54 +0000 (-0700)
Subject: update NEWS
X-Git-Tag: php-5.4.42~15
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2f83797a0c884342377c79183863bec87e04d8ab;p=php

update NEWS
---

diff --git a/NEWS b/NEWS
index 811f66ddf5..e7d2c66e5a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,10 +1,30 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? 2015 PHP 5.4.41
+?? ??? 2015 PHP 5.4.42
+
+14 May 2015 PHP 5.4.41
+
+- Core: 
+  . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
+  . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). 
+    (Stas)
+  . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
+  . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
+  
+- FTP:
+  . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
+    overflow). (Stas)
+
+- PCNTL:
+  . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
 
 - PCRE
   . Upgraded pcrelib to 8.37.
 
+- Phar:
+  . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename
+    starts with null). (Stas)
+
 16 Apr 2015 PHP 5.4.40
 
 - Apache2handler: