Fixed. http://git.php.net/?p=web/php.git;a=commitdiff;h=52cb11fca4c343f0529ceecfdc5372b49b966435
(should be refreshed on the website soon enough) On Wed, Dec 24, 2014 at 6:58 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: > Hi, > > http://php.net/ChangeLog-5.php#5.4.36 > does not mention CVE-2014-8142. > > Fixed bug #68594 (Use after free vulnerability in unserialize()). > should be > Fixed bug #68594 (Use after free vulnerability in > unserialize())(CVE-2014-8142). > like 5.5/5.4's changelog. > > Regards, > > -- > Yasuo Ohgaki > yohg...@ohgaki.net >
