Add CVE IDs PHP 5.6.18

lc-Arvin · Apr 29, 2016 · a23ae0f · a23ae0f
1 parent b8b2dd1
commit a23ae0f
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/NEWS b/NEWS
@@ -182,15 +182,19 @@ PHP                                                                        NEWS
     on the same server). (Anatol)
 
 - PCRE:
-  . Upgraded bundled PCRE library to 8.38.
+  . Upgraded bundled PCRE library to 8.38. (CVE-2015-8383, CVE-2015-8386,
+    CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393,
+    CVE-2015-8394)
 
 - Phar:
-  . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
+  . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (CVE-2016-4342)
+    (Stas)
   . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
     (CVE-2016-4343) (Stas)
   . Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
     (Stas)
-  . Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)
+  . Fixed bug #71488 (Stack overflow when decompressing tar archives).
+    (CVE-2016-2554) (Stas)
 
 - Session:
   . Fixed bug #69111 (Crash in SessionHandler::read()). (Anatol)