File tree Expand file tree Collapse file tree 1 file changed +29
-0
lines changed Expand file tree Collapse file tree 1 file changed +29
-0
lines changed Original file line number Diff line number Diff line change @@ -5,7 +5,36 @@ PHP NEWS
55** PHP 5.5 is in security-only mode , please do not commit to this branch **
66
77- Core:
8+ . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
9+ method calls). (Stas)
10+ . Fixed bug #69892 (Different arrays compare indentical due to integer key
11+ truncation). (Nikita)
812 . Fixed bug #70002 (TS issues with temporary dir handling). (Anatol)
13+ . Fixed bug #70121 (unserialize() could lead to unexpected methods execution
14+ / NULL pointer deref). (Stas)
15+
16+ - OpenSSL:
17+ . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
18+ secure). (Stas)
19+
20+ - Phar:
21+ . Improved fix for bug #69441. (Anatol Belski)
22+ . Fixed bug #70019 (Files extracted from archive may be placed outside of
23+ destination directory). (Anatol Belski)
24+
25+ - SOAP:
26+ . Fixed bug #70081 (SoapClient info leak / null pointer dereference via
27+ multiple type confusions). (Stas)
28+
29+ - SPL:
30+ . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
31+ items). (sean.heelan)
32+ . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
33+ SPLArrayObject). (taoguangchen at icloud dot com)
34+ . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
35+ SplObjectStorage). (taoguangchen at icloud dot com)
36+ . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
37+ SplDoublyLinkedList). (taoguangchen at icloud dot com)
938
10399 Jul 2015, PHP 5.5.27
1140
You can’t perform that action at this time.
0 commit comments