johannes Wed, 21 Jul 2010 14:19:59 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=301442
Log:
- Add lost entries
Changed paths:
U php/php-src/branches/PHP_5_2/NEWS
Modified: php/php-src/branches/PHP_5_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_2/NEWS 2010-07-21 12:42:49 UTC (rev 301441)
+++ php/php-src/branches/PHP_5_2/NEWS 2010-07-21 14:19:59 UTC (rev 301442)
@@ -9,6 +9,12 @@
- Rewrote var_export() to use smart_str rather than output buffering, prevents
data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
+- Fixed a possible interruption array leak in strrchr(). Reported by
+ Péter Veres. (CVE-2010-2484) (Felipe)
+- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
+ chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
+- Fixed a possible memory corruption in substr_replace() (Dmitry)
+- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
Esser (Ilia)
- Reset error state in PDO::beginTransaction() reset error state. (Ilia)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
