[PHP-DEV] CVE-2014-8142 is not mentioned in 5.6.4 changelog

Yasuo Ohgaki Tue, 23 Dec 2014 21:01:57 -0800

Hi,

http://php.net/ChangeLog-5.php#5.4.36
does not mention CVE-2014-8142.


Fixed bug #68594 (Use after free vulnerability in unserialize()).
should be
Fixed bug #68594 (Use after free vulnerability in
unserialize())(CVE-2014-8142).
like 5.5/5.4's changelog.

Regards,

--
Yasuo Ohgaki
yohg...@ohgaki.net

[PHP-DEV] CVE-2014-8142 is not mentioned in 5.6.4 changelog

Reply via email to