Skip to content

Commit

Permalink
Update NEWS
Browse files Browse the repository at this point in the history
  • Loading branch information
@ramsey
ramsey committed Apr 10, 2024
1 parent 11f2568 commit 6f63d5f
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions NEWS
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,13 @@ PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? ????, PHP 8.1.28

- Standard:
. Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)

21 Dec 2023, PHP 8.1.27

Expand Down

0 comments on commit 6f63d5f

Please sign in to comment.