Skip to content

Commit 812ac06

Browse files
committed
Update NEWS file
1 parent f44c2d9 commit 812ac06

File tree

1 file changed

+6
-0
lines changed

1 file changed

+6
-0
lines changed

NEWS

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,12 @@ PHP NEWS
6262
(SakiTakamachi)
6363
. Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows).
6464
(divinity76)
65+
. Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
66+
parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
67+
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
68+
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
69+
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
70+
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
6571

6672
- XML:
6773
. Fixed bug GH-13517 (Multiple test failures when building with

0 commit comments

Comments
 (0)