[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ NEWS
stas Wed, 13 Apr 2011 17:33:00 + Revision: http://svn.php.net/viewvc?view=revision&revision=310212 Log: add CVE Changed paths: U php/php-src/branches/PHP_5_3/NEWS Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2011-04-13 16:09:10 UTC (rev 310211) +++ php/php-src/branches/PHP_5_3/NEWS 2011-04-13 17:33:00 UTC (rev 310212) @@ -18,6 +18,7 @@ . Fixed bug #54454 (substr_compare incorrectly reports equality in some cases). (Pierrick) . Fixed bug #54238 (use-after-free in substr_replace()). (Stas) +(CVE-2011-1148) . Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment). (tomas dot brastavicius at quantum dot lt, Pierrick) . Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/ext/standard/string.c trunk/ext/standard/string.c
felipe Wed, 13 Apr 2011 13:38:52 + Revision: http://svn.php.net/viewvc?view=revision&revision=310209 Log: - Remove undesired line (reported by Gökhan Özbulak) Changed paths: U php/php-src/branches/PHP_5_3/ext/standard/string.c U php/php-src/trunk/ext/standard/string.c Modified: php/php-src/branches/PHP_5_3/ext/standard/string.c === --- php/php-src/branches/PHP_5_3/ext/standard/string.c 2011-04-13 12:23:46 UTC (rev 310208) +++ php/php-src/branches/PHP_5_3/ext/standard/string.c 2011-04-13 13:38:52 UTC (rev 310209) @@ -2408,8 +2408,6 @@ } else { l = Z_LVAL_PP(tmp_len); } - - l = Z_LVAL_PP(tmp_len); zend_hash_move_forward_ex(Z_ARRVAL_PP(len), &pos_len); } else { l = Z_STRLEN_P(orig_str); Modified: php/php-src/trunk/ext/standard/string.c === --- php/php-src/trunk/ext/standard/string.c 2011-04-13 12:23:46 UTC (rev 310208) +++ php/php-src/trunk/ext/standard/string.c 2011-04-13 13:38:52 UTC (rev 310209) @@ -2408,8 +2408,6 @@ } else { l = Z_LVAL_PP(tmp_len); } - - l = Z_LVAL_PP(tmp_len); zend_hash_move_forward_ex(Z_ARRVAL_PP(len), &pos_len); } else { l = Z_STRLEN_P(orig_str); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/ext/standard/string.c branches/PHP_5_3/ext/standard/tests/strings/bug54238.phpt trunk/ext/standard/string.c trunk/ext/standard/t
hi Stas, please add the CVE to the news entry. On Wed, Apr 13, 2011 at 8:32 AM, Stanislav Malyshev wrote: > stas Wed, 13 Apr 2011 06:32:41 + > > Revision: http://svn.php.net/viewvc?view=revision&revision=310194 > > Log: > fix bug #54238 (use-after-free in substr_replace()) > > Bug: http://bugs.php.net/54238 (error getting bug information) > > Changed paths: > U php/php-src/branches/PHP_5_3/NEWS > U php/php-src/branches/PHP_5_3/ext/standard/string.c > A php/php-src/branches/PHP_5_3/ext/standard/tests/strings/bug54238.phpt > U php/php-src/trunk/ext/standard/string.c > A php/php-src/trunk/ext/standard/tests/strings/bug54238.phpt > > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php