New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update PHP 5.5 NEWS entries with CVE info #1892

Closed
wants to merge 7 commits into
base: PHP-5.5
from

Add CVE IDs PHP 5.5.28

  • Loading branch information...
kaplanlior committed Apr 28, 2016
commit 14aaf23d8a3dfe698e03954ac0d51bb08cc2c483
View
12 NEWS
@@ -161,26 +161,26 @@ PHP NEWS
- OpenSSL:
. Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
secure). (Stas)
secure). (CVE-2015-8867) (Stas)
- Phar:
. Improved fix for bug #69441. (Anatol Belski)
. Fixed bug #70019 (Files extracted from archive may be placed outside of
destination directory). (Anatol Belski)
destination directory). (CVE-2015-6833) (Anatol Belski)
- SOAP:
. Fixed bug #70081 (SoapClient info leak / null pointer dereference via
multiple type confusions). (Stas)
- SPL:
. Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
items). (sean.heelan)
items). (CVE-2015-6832) (sean.heelan)
. Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
SPLArrayObject). (taoguangchen at icloud dot com)
SPLArrayObject). (CVE-2015-6831) (taoguangchen at icloud dot com)
. Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
SplObjectStorage). (CVE-2015-6831) (taoguangchen at icloud dot com)
. Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
SplDoublyLinkedList). (CVE-2015-6831) (taoguangchen at icloud dot com)
9 Jul 2015, PHP 5.5.27
ProTip! Use n and p to navigate between commits in a pull request.