From: Ilia Alshanetsky Date: Thu, 27 Nov 2008 17:29:20 +0000 (+0000) Subject: Updated NEWS file with CVE #s X-Git-Tag: php-5.2.7RC5~2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=460b6552cd6b74907572092e24c0c987eca19c9a;p=php Updated NEWS file with CVE #s --- diff --git a/NEWS b/NEWS index 0f286ef40e..b0b522b0b4 100644 --- a/NEWS +++ b/NEWS @@ -1,7 +1,11 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Nov 2008, PHP 5.2.7 -- Upgraded PCRE to version 7.8 (Ilia) +- Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371) (Ilia) + +- Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). (Pierre) +- Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). (Laurent + Gaffie) - Fixed memory leak inside readline_callback_handler_remove() function. (Felipe) - Fixed bug #46696 (cURL fails in upload files with specified content-type). @@ -142,7 +146,7 @@ PHP NEWS pgsql). (Felipe) - Fixed bug #43723 (SOAP not sent properly from client for ). (Dmitry) - Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer - overflow). (Dmitry) + overflow). (Fixes CVE-2008-2829) (Dmitry) - Fixed bug #42078 (pg_meta_data mix tables metadata from different schemas). (Felipe) - Fixed bug #37100 (data is returned truncated with BINARY CURSOR). (Tony) @@ -249,7 +253,7 @@ PHP NEWS - Fixed bug #45178 (memory corruption on assignment result of "new" by reference). (Dmitry) - Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)). - (Dmitry) + (Fixes CVE-2008-3660) (Dmitry) - Fixed bug #45139 (ReflectionProperty returns incorrect declaring class). (Felipe) - Fixed bug #45124 ($_FILES['upload']['size'] sometimes return zero and