php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update NEWS with info about security issues

Browse Source
This commit is contained in:
Jakub Zelenka
2025-12-12 13:48:26 +01:00
committed by Saki Takamachi
parent 7425b7f48b
commit cb8e9969bb
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
NEWS
View File

@@ -59,6 +59,10 @@ PHP NEWS
. Fixed bug GH-20329 (opcache.file_cache broken with full interned string . Fixed bug GH-20329 (opcache.file_cache broken with full interned string
buffer). (Arnaud) buffer). (Arnaud)
- PDO:
. Fixed GHSA-8xr5-qppj-gvwj (PDO quoting result null deref). (CVE-2025-14180)
(Jakub Zelenka)
- Phar: - Phar:
. Fixed bug GH-20442 (Phar does not respect case-insensitiveness of . Fixed bug GH-20442 (Phar does not respect case-insensitiveness of
__halt_compiler() when reading stub). (ndossche, TimWolla) __halt_compiler() when reading stub). (ndossche, TimWolla)
@@ -77,7 +81,12 @@ PHP NEWS
. Fix memory leak in array_diff() with custom type checks. (ndossche) . Fix memory leak in array_diff() with custom type checks. (ndossche)
. Fixed bug GH-20583 (Stack overflow in http_build_query . Fixed bug GH-20583 (Stack overflow in http_build_query
via deep structures). (ndossche) via deep structures). (ndossche)
. Fixed bug GH-20584 (Information Leak of Memory). (ndossche) . Fixed GHSA-www2-q4fc-65wf (Null byte termination in dns_get_record()).
(ndossche)
. Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()).
(CVE-2025-14178) (ndossche)
. Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize).
(CVE-2025-14177) (ndossche)
- Tidy: - Tidy:
. Fixed bug GH-20374 (PHP with tidy and custom-tags). (ndossche) . Fixed bug GH-20374 (PHP with tidy and custom-tags). (ndossche)