stas Fri Oct 26 17:45:26 2007 UTC Modified files: (Branch: PHP_5_2) /php-src NEWS Log: add attribution http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.988&r2=1.2027.2.547.2.989&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.988 php-src/NEWS:1.2027.2.547.2.989 --- php-src/NEWS:1.2027.2.547.2.988 Fri Oct 26 08:13:15 2007 +++ php-src/NEWS Fri Oct 26 17:45:26 2007 @@ -26,15 +26,16 @@ - Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). (Christian Hoffmann) - Fixed iconv_*() functions to limit argument sizes as workaround to libc - bug (CVE-2007-4783, CVE-2007-4840). (Christian Hoffmann, Stas) + bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). + (Christian Hoffmann, Stas) - Fixed missing brackets leading to build warning and error in the log. - Win32 code). (Andrey) + Win32 code. (Andrey) - Fixed leaks with multiple connects on one mysqli object. (Andrey) - Fixed endianness detection on MacOS when building universal binary. (Uwe Schindler, Christian Speich, Tony) - Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. - Reported by Laurent gaffie. (Ilia) + Reported by Laurent Gaffie. (Ilia) - Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre) - Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. (Stas)
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php