add missing NEWS entries

diff --git a/NEWS b/NEWS
index ecd71802a552284c242fccfac21696ae0862fca2..0a36d602e96da7d3a8c11a6f192cb0574cb99d11 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -30,6 +30,9 @@
     (Christoph M. Becker)
   . Improved fix for bug #69545 (Integer overflow in ftp_genlist()
     resulting in heap overflow). (Max Spelsberg)
+  . Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
+    (Anatol Belski)
+  . Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)
 
 - GD:
   . Fixed bug #69479 (GD fails to build with newer libvpx). (Remi)
@@ -37,6 +40,13 @@
 - Iconv:
   . Fixed bug #48147 (iconv with //IGNORE cuts the string). (Stas)
 
+- Litespeed SAPI:
+  . Fixed bug #68812 (Unchecked return value). (George Wang)
+
+- Mail:
+  . Fixed bug #68776 (mail() does not have mail header injection prevention for
+    additional headers). (Yasuo)
+
 - MCrypt:
   . Added file descriptor caching to mcrypt_create_iv() (Leigh)