update NEWS

diff --git a/NEWS b/NEWS
index 1e9fb65d7a027a7e4ca8a111b07733ecf9f37e4b..215ce798a40f9745daba130e1f4f6862615d8c55 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -3,22 +3,26 @@ PHP                                                                        NEWS
 ?? ??? 2016 PHP 7.0.3
 
 - Core:
-  . Fixed bug #71336 (Wrong is_ref on properties as exposed via
-    get_object_vars()). (Laruence)
-  . Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
-  . Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
+  . Added support for new HTTP 451 code. (Julien)
+  . Fixed bug #71039 (exec functions ignore length but look for NULL termination).
+    (Anatol)
+  . Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
+  . Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
   . Fixed bug #71221 (Null pointer deref (segfault) in get_defined_vars via
     ob_start). (hugh at allthethings dot co dot nz)
-  . Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
-  . Added support for new HTTP 451 code. (Julien)
-  . Fixed Bug #71275 (Bad method called on cloning an object having a trait).
-    (Bob)
+  . Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
   . Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
     (Anatol)
+  . Fixed Bug #71275 (Bad method called on cloning an object having a trait).
+    (Bob)
   . Fixed bug #71297 (Memory leak with consecutive yield from). (Bob)
+  . Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
   . Fixed bug #71314 (var_export(INF) prints INF.0). (Andrea)
-  . Fixed bug #71039 (exec functions ignore length but look for NULL termination).
-    (Anatol)
+  . Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its 
+    input). (Leo Gaspard)
+  . Fixed bug #71336 (Wrong is_ref on properties as exposed via
+    get_object_vars()). (Laruence)
+  . Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)
 
 - Apache2handler:
   . Fix >2G Content-Length headers in apache2handler. (Adam Harvey)
@@ -39,6 +43,15 @@ PHP                                                                        NEWS
 - mbsgring:
   . Fixed bug #71397 (mb_send_mail segmentation fault). (Yasuo)
 
+OpenSSL:
+  . Fixed bug #71475 (openssl_seal() uninitialized memory usage). (Stas)
+
+- Phar:
+  . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
+  . Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
+    (Stas)
+  . Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)
+
 - SOAP:
   . Fixed bug #70979 (crash with bad soap request). (Anatol)
   
@@ -47,7 +60,11 @@ PHP                                                                        NEWS
     (Laruence)
   . Fixed bug #71202 (Autoload function registered by another not activated
     immediately). (Laruence)
-
+  . Fixed bug #71311 (Use-after-free vulnerability in SPL(ArrayObject,
+    unserialize)). (Sean Heelan)
+  . Fixed bug #71313 (Use-after-free vulnerability in SPL(SplObjectStorage,
+    unserialize)). (Sean Heelan)
+  
 - Session:
   . Improved fix for bug #68063 (Empty session IDs do still start sessions). (Yasuo)
   . Fixed bug #69111 (Crash in SessionHandler::read()) (Yasuo)
@@ -74,6 +91,10 @@ PHP                                                                        NEWS
   . Fixed bug #70720 (strip_tags improper php code parsing). (Julien)
   . Fixed bug #71132, #71197 (range() segfaults). (Thomas Punt)
 
+- WDDX:
+  . Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)
+
+
 07 Jan 2016 PHP 7.0.2
 
 - Core: