From 639f92275adf4056956d70c3188d2f774f168fdd Mon Sep 17 00:00:00 2001
From: Lior Kaplan <kaplanlior@gmail.com>
Date: Tue, 31 Mar 2015 09:11:21 +0300
Subject: [PATCH] Add CVE for bug #69207

---
 NEWS | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index a0366d2c2b..9c437fae72 100644
--- a/NEWS
+++ b/NEWS
@@ -12,7 +12,6 @@ PHP                                                                        NEWS
   . Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)
   . Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
     configuration options). (Anatol Belski)
-  . Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)
   . Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in
     __call/... arg passing). (Nikita)
   . Fixed bug #69221 (Segmentation fault when using a generator in combination
@@ -85,7 +84,8 @@ PHP                                                                        NEWS
     (CVE-2015-0231) (Stas)
   . Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
     configuration options). (Anatol Belski)
-  . Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)
+  . Fixed bug #69207 (move_uploaded_file allows nulls in path). (CVE-2015-2348)
+    (Stas)
 
 - CGI:
   . Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence)
-- 
2.40.0