[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS

Stanislav Malyshev Tue, 18 Sep 2007 17:41:28 -0700

stas            Wed Sep 19 00:41:11 2007 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src    NEWS 
  Log:
  report iconv fix
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.955&r2=1.2027.2.547.2.956&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.955 php-src/NEWS:1.2027.2.547.2.956
--- php-src/NEWS:1.2027.2.547.2.955     Tue Sep 18 20:25:07 2007
+++ php-src/NEWS        Wed Sep 19 00:41:10 2007
@@ -12,6 +12,8 @@
 - Fixed dl() to only accept filenames - reported by Laurent Gaffie. (Stas)
 - Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
   (Christian Hoffmann)
+- Fixed iconv_*() functions to limit argument sizes as workaround to libc 
+  bug (CVE-2007-4783, CVE-2007-4840). (Christian Hoffmann, Stas)
 - Fixed missing brackets leading to build warning and error in the log.
   Win32 code). (Andrey)
 - Fixed leaks with multiple connects on one mysqli object. (Andrey)


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS

Reply via email to