From: Lior Kaplan <kaplanlior@gmail.com>
Date: Fri, 29 Apr 2016 10:41:29 +0000 (+0300)
Subject: Add CVE IDs PHP 7.0.0
X-Git-Tag: php-7.0.7RC1~46
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9943c322426ed59ca098ee9a57fc87c42052af56;p=php

Add CVE IDs PHP 7.0.0
---

diff --git a/NEWS b/NEWS
index 1fc917be72..1df7cecc19 100644
--- a/NEWS
+++ b/NEWS
@@ -1044,7 +1044,7 @@ PHP                                                                        NEWS
   . Implemented FR #70438 (Add IV parameter for openssl_seal and openssl_open)
     (Jakub Zelenka)
   . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
-    secure). (Stas)
+    secure). (CVE-2015-8867) (Stas)
   . Fixed bug #69882 (OpenSSL error "key values mismatch" after
     openssl_pkcs12_read with extra cert). (Tomasz Sawicki)
   . Added "alpn_protocols" SSL context option allowing encrypted client/server
@@ -1292,7 +1292,8 @@ PHP                                                                        NEWS
     (Daniel Lowrey & Bob Weinand)
 
 - Zip:
-  . Fixed bug #70322 (ZipArchive::close() doesn't indicate errors). (cmb)
+  . Fixed bug #70322 (ZipArchive::close() doesn't indicate errors).
+    (CVE-2014-9767) (cmb)
   . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
     creating directories). (neal at fb dot com)
   . Added ZipArchive::setCompressionName and ZipArchive::setCompressionIndex