Skip to content

Commit ae95d06

Browse files
committed
[ci skip] Add 7.3.23 security fixes to NEWS
1 parent b5cb999 commit ae95d06

File tree

1 file changed

+6
-0
lines changed

1 file changed

+6
-0
lines changed

NEWS

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,8 @@ PHP NEWS
3737
. Fixed bug #80048 (Bug #69100 has not been fixed for Windows). (cmb)
3838
. Fixed bug #80049 (Memleak when coercing integers to string via variadic
3939
argument). (Nikita)
40+
. Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-`
41+
cookies can be sent). (CVE-2020-7070) (Stas)
4042

4143
- Calendar:
4244
. Fixed bug #80007 (Potential type confusion in unixtojd() parameter parsing).
@@ -52,6 +54,10 @@ PHP NEWS
5254
. Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode
5355
handlers changed). (SammyK)
5456

57+
- OpenSSL:
58+
. Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12
59+
bytes IV). (CVE-2020-7069) (Jakub Zelenka)
60+
5561
- PDO:
5662
. Fixed bug #80027 (Terrible performance using $query->fetch on queries with
5763
many bind parameters (Matteo)

0 commit comments

Comments
 (0)