php/archived-web-php
1
0
Fork 0
mirror of https://github.com/php/web-php.git synced 2026-03-23 23:02:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Link GHSA advisories in ChangeLog (#1082)

Browse Source
This commit is contained in:
Tim Düsterhus
2024-10-02 12:52:25 +02:00
committed by GitHub
parent 03ce04d88c
commit acd86a16d9
3 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog-8.php
View File

@@ -13,8 +13,8 @@ changelog_header(8, $MINOR_VERSIONS);
<b><?php release_date('26-Sep-2024'); ?></b>
<ul><li>CGI:
<ul>
<li>Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926)</li>
<li>Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927)</li>
<li>Fixed bug <?php githubsecurityl('php/php-src', 'p99j-rfp4-xqvq'); ?> (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926)</li>
<li>Fixed bug <?php githubsecurityl('php/php-src', '94p6-54jq-9mwp'); ?> (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927)</li>
</ul></li>
<li>Core:
<ul>
@@ -41,7 +41,7 @@ changelog_header(8, $MINOR_VERSIONS);
</ul></li>
<li>FPM:
<ul>
<li>Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026)</li>
<li>Fixed bug <?php githubsecurityl('php/php-src', '865w-9rf3-2wh5'); ?> (Logs from childrens may be altered). (CVE-2024-9026)</li>
</ul></li>
<li>MySQLnd:
<ul>
@@ -54,7 +54,7 @@ changelog_header(8, $MINOR_VERSIONS);
</ul></li>
<li>SAPI:
<ul>
<li>Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925)</li>
<li>Fixed bug <?php githubsecurityl('php/php-src', '9pqp-7h25-4f32'); ?> (Erroneous parsing of multipart form data). (CVE-2024-8925)</li>
</ul></li>
<li>Standard:
<ul>

2
bin/news2html
View File

@@ -66,6 +66,8 @@ $bug_map = [
'/Implemented FR #([0-9]+)/' => '<?php implemented(\1); ?'.'>',
'/GitHub PR #([0-9]+)/' => '<?php githubissuel(\'php/php-src\', \1); ?'.'>',
'/GH-([0-9]+)/' => '<?php githubissuel(\'php/php-src\', \1); ?'.'>',
'/GHSA-([0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4})/'
=> '<?php githubsecurityl(\'php/php-src\', \'\1\'); ?'.'>',
];
foreach($entries as $module => $items) {

4
include/changelogs.inc
View File

@@ -28,6 +28,10 @@ function githubissuel($repo, $number): void {
echo "<a href=\"https://github.com/$repo/issues/$number\">GH-$number</a>";
}
function githubsecurityl($repo, $id): void {
echo "<a href=\"https://github.com/$repo/security/advisories/GHSA-$id\">GHSA-$id</a>";
}
function release_date($in): void {
$time = strtotime($in);
$human_readable = date('d M Y', $time);