Skip to content

Commit 08e7252

Browse files
smalyshevsmalyshev
committed
update NEWS
1 parent c42d5cf commit 08e7252

File tree

1 file changed

+14
-5
lines changed

1 file changed

+14
-5
lines changed

NEWS

Lines changed: 14 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@ PHP NEWS
2424
. Fixed bug #67390 (insecure temporary file use in the configure script).
2525
(Remi) (CVE-2014-3981)
2626
. Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas)
27+
. Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).
28+
(Stefan Esser)
2729

2830
- CLI server:
2931
. Fixed Bug #67406 (built-in web-server segfaults on startup). (Remi)
@@ -36,15 +38,20 @@ PHP NEWS
3638

3739
- Fileinfo:
3840
. Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary
39-
check).
41+
check). (CVE-2014-0207)
4042
. Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal
41-
string size). (Francisco Alonso, Jan Kaluza, Remi)
43+
string size). (CVE-2014-3478) (Francisco Alonso, Jan Kaluza, Remi)
4244
. Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary
43-
check). (Francisco Alonso, Jan Kaluza, Remi)
45+
check). (CVE-2014-3479) (Francisco Alonso, Jan Kaluza, Remi)
4446
. Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
45-
(Francisco Alonso, Jan Kaluza, Remi)
47+
(CVE-2014-3480) (Francisco Alonso, Jan Kaluza, Remi)
4648
. Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary
47-
check). (Francisco Alonso, Jan Kaluza, Remi)
49+
check). (CVE-2014-3487) (Francisco Alonso, Jan Kaluza, Remi)
50+
51+
- Intl:
52+
. Fixed bug #67349 (Locale::parseLocale Double Free). (Stas)
53+
. Fixed bug #67397 (Buffer overflow in locale_get_display_name and
54+
uloc_getDisplayName (libicu 4.8.1)). (Stas)
4855

4956
- Network:
5057
. Fixed bug #67432 (Fix potential segfault in dns_get_record()).
@@ -63,6 +70,8 @@ PHP NEWS
6370
. Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas)
6471
. Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence)
6572
. Fixed bug #67360 (Missing element after ArrayObject::getIterator). (Adam)
73+
. Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type
74+
Confusion) (CVE-2014-3515). (Stefan Esser)
6675

6776
29 May 2014, PHP 5.4.29
6877

0 commit comments

Comments
 (0)