Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix NEWS

diff --cc NEWS
index 419bc04723335a1dc5826f4da18cdaacf9825f53,2591b192ac64353d0093ae03a0a608550c7f4262..2f1153c709cf09f6dea88bb980d3bd8153af7730
--- 1/NEWS
--- 2/NEWS
+++ b/NEWS
@@@ -67,11 -41,14 +53,23 @@@ PH
    . Fixed bug #79311 (enchant_dict_suggest() fails on big endian architecture).
      (cmb)
  
+ - EXIF:
+   . Fixed bug #79282 (Use-of-uninitialized-value in exif). (CVE-2020-7064)
+     (Nikita)
+ 
++- Fileinfo:
++  . Fixed bug #79283 (Segfault in libmagic patch contains a buffer
++    overflow). (cmb)
++
 +- FPM:
 +  . Fixed bug #77653 (operator displayed instead of the real error message).
 +    (Jakub Zelenka)
 +  . Fixed bug #79014 (PHP-FPM & Primary script unknown). (Jakub Zelenka)
 +
+ - MBstring:
+   . Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at 
+     php_unicode_tolower_full). (CVE-2020-7065) (cmb)
+ 
  - MySQLi:
    . Fixed bug #64032 (mysqli reports different client_version). (cmb)
  
@@@ -101,6 -67,8 +99,8 @@@
    . Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()). (cmb)
  
  - Standard:
 -  . Fixed bug #79329 (get_headers() silently truncates after a null byte). 
++  . Fixed bug #79329 (get_headers() silently truncates after a null byte).
+     (CVE-2020-7066) (cmb)
    . Fixed bug #79254 (getenv() w/o arguments not showing changes). (cmb)
    . Fixed bug #79265 (Improper injection of Host header when using fopen for
      http requests). (Miguel Xavier Penha Neto)