Fixed.
http://git.php.net/?p=web/php.git;a=commitdiff;h=52cb11fca4c343f0529ceecfdc5372b49b966435
(should be refreshed on the website soon enough)
On Wed, Dec 24, 2014 at 6:58 AM, Yasuo Ohgaki wrote:
> Hi,
>
> http://php.net/ChangeLog-5.php#5.4.36
> does not mention CVE-2014-8142.
>
> Fixed bug
Hi,
http://php.net/ChangeLog-5.php#5.4.36
does not mention CVE-2014-8142.
Fixed bug #68594 (Use after free vulnerability in unserialize()).
should be
Fixed bug #68594 (Use after free vulnerability in
unserialize())(CVE-2014-8142).
like 5.5/5.4's changelog.
Regards,
--
Yasuo Ohgaki
yohg...@ohgak