From: Stanislav Malyshev <stas@php.net>
Date: Sun, 18 Aug 2013 21:42:06 +0000 (-0700)
Subject: add CVE-2011-4718
X-Git-Tag: php-5.5.6RC1~21^2~6
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b33a1a139771b677ddc0858d66111667361d478c;p=php

add CVE-2011-4718
---

diff --git a/NEWS b/NEWS
index cc469dd4d0..948dcdc50d 100644
--- a/NEWS
+++ b/NEWS
@@ -54,7 +54,7 @@ PHP                                                                        NEWS
 - Sessions:
   . Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions)
     which protects against session fixation attacks and session collisions.    
-    (Yasuo Ohgaki)
+    (CVE-2011-4718). (Yasuo Ohgaki)
   . Fixed possible buffer overflow under Windows. Note: Not a security fix.
     (Yasuo)
   . Changed session.auto_start to PHP_INI_PERDIR. (Yasuo)