From 18e17344d7c414de20bfc0240d75d64a40cd4aed Mon Sep 17 00:00:00 2001 From: Lior Kaplan Date: Wed, 25 Jan 2017 01:54:48 +0200 Subject: [PATCH] Add CVE ID to bugs #73832 (PHP 5.6.30, 7.0.15 and 7.1.1) and #73092 (PHP 7.0.15 and 7.1.1) --- ChangeLog-7.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog-7.php b/ChangeLog-7.php index 6912a55e6..71be41a05 100644 --- a/ChangeLog-7.php +++ b/ChangeLog-7.php @@ -18,8 +18,8 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change
  • (unserialized array pointer not advancing).
  • (Heap out of bounds read on unserialize in finish_nested_data()). (CVE-2016-10161)
  • (NULL Pointer Dereference while unserialize php object). (CVE-2016-10162)
    • -
  • (Use of uninitialized memory in unserialize()).
    • -
  • (Unserialize use-after-free when resizing object's properties hash table).
    • +
  • (Use of uninitialized memory in unserialize()). (CVE-2017-5340)
    • +
  • (Unserialize use-after-free when resizing object's properties hash table). (CVE-2016-7479)
  • (Use After Free in unserialize()).
  • (Type Confusion in Object Deserialization).
    • @@ -116,7 +116,7 @@ site_header("PHP 7 ChangeLog", array("current" => "docs", "css" => array("change
  • (SIG_IGN doesn't work when Zend Signals is enabled).
  • (Heap out of bounds read on unserialize in finish_nested_data()). (CVE-2016-10161)
  • (NULL Pointer Dereference while unserialize php object). (CVE-2016-10162)
    • -
  • (Use of uninitialized memory in unserialize()).
    • +
  • (Use of uninitialized memory in unserialize()). (CVE-2017-5340)