From: Christoph M. Becker <cmbecker69@gmx.de>
Date: Tue, 17 Dec 2019 08:51:30 +0000 (+0100)
Subject: Update/fix NEWS [ci skip]
X-Git-Tag: php-7.3.14RC1~23
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3d50131ef7f5f55e9f0127246a1c9f6744d31817;p=php

Update/fix NEWS [ci skip]
---

diff --git a/NEWS b/NEWS
index db9d5fa8cf..2fca3918b1 100644
--- a/NEWS
+++ b/NEWS
@@ -2,10 +2,6 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? ????, PHP 7.3.14
 
-- Core:
-  . Fixed bug #78943 (mail() may release string with refcount==1 twice).
-    (CVE-2019-11049). (cmb)
-
 - CURL:
   . Implemented FR #77711 (CURLFile should support UNICODE filenames). (cmb)
 
@@ -15,13 +11,29 @@ PHP                                                                        NEWS
 
 19 Dec 2019, PHP 7.3.13
 
+- Bcmath:
+  . Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046).
+    (cmb)
+
 - Core:
+  . Fixed bug #78862 (link() silently truncates after a null byte on Windows).
+    (CVE-2019-11044). (cmb)
+  . Fixed bug #78863 (DirectoryIterator class silently truncates after a null
+    byte). (CVE-2019-11045). (cmb)
+  . Fixed bug #78943 (mail() may release string with refcount==1 twice).
+    (CVE-2019-11049). (cmb)
   . Fixed bug #78787 (Segfault with trait overriding inherited private shadow
     property). (Nikita)
   . Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value).
     (Antony Dovgal, Dmitry)
   . Fixed bug #78296 (is_file fails to detect file). (cmb)
 
+- EXIF:
+  . Fixed bug #78793 (Use-after-free in exif parsing under memory sanitizer).
+    (CVE-2019-11050). (Nikita)
+  . Fixed bug #78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047).
+    (Nikita)
+
 - GD:
   . Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW). (cmb)