Fixed stack based buffer overflow in transparent cookie encryption (see separate advisory)

author: Stefan Esser 2012-01-14 09:44:17 +0100
committer: Stefan Esser 2012-01-14 09:44:17 +0100
commit: 73b1968ee30f6d9d2dae497544b910e68e114bfa (patch)
tree: ac6c8a3757dcd8a8622bf706a190a4a4f4d13bd5 /Changelog
parent: f6453621b786a13e8be17fb1a6ee04601383f9d4 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/Changelog b/Changelog
index 6c18103..8c2a8a4 100644
--- a/Changelog
+++ b/Changelog
@@ -1,5 +1,6 @@
 2012-01-11 - 0.9.33-dev
+    - Fixed stack based buffer overflow in transparent cookie encryption (see separate advisory)
    - Fixed that disabling HTTP response splitting protection also disabled NUL byte protection in HTTP headers
    - Removed crypt() support - because not used for PHP >= 5.3.0 anyway
author	Stefan Esser	2012-01-14 09:44:17 +0100
committer	Stefan Esser	2012-01-14 09:44:17 +0100
commit	73b1968ee30f6d9d2dae497544b910e68e114bfa (patch)
tree	ac6c8a3757dcd8a8622bf706a190a4a4f4d13bd5 /Changelog
parent	f6453621b786a13e8be17fb1a6ee04601383f9d4 (diff)

diff --git a/Changelog b/Changelog index 6c18103..8c2a8a4 100644 --- a/Changelog +++ b/Changelog
@@ -1,5 +1,6 @@
1	2012-01-11 - 0.9.33-dev	1	2012-01-11 - 0.9.33-dev
2		2
		3	- Fixed stack based buffer overflow in transparent cookie encryption (see separate advisory)
3	- Fixed that disabling HTTP response splitting protection also disabled NUL byte protection in HTTP headers	4	- Fixed that disabling HTTP response splitting protection also disabled NUL byte protection in HTTP headers
4	- Removed crypt() support - because not used for PHP >= 5.3.0 anyway	5	- Removed crypt() support - because not used for PHP >= 5.3.0 anyway
5		6