From 9470b2016cf941732c3144598eb7db195446d910 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Thu, 6 Jul 2017 13:22:10 +0200
Subject: [PATCH] [ci skip] sync NEWS

---
 NEWS | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/NEWS b/NEWS
index d3604ee6eb..9c400e0437 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,20 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? ????, PHP 7.2.0beta1
 
+- Core:
+  . Fixed bug #74603 (PHP INI Parsing Stack Buffer Overflow Vulnerability).
+    (Stas)
+  . Fixed bug #74111 (Heap buffer overread (READ: 1) finish_nested_data from
+    unserialize). (Nikita)
+  . Fixed bug #74819 (wddx_deserialize() heap out-of-bound read via
+    php_parse_date()). (Derick)
+
+- GD:
+  . Fixed bug #74435 (Buffer over-read into uninitialized memory). (cmb)
+
+- OpenSSL:
+  . Fixed bug #74651 (negative-size-param (-1) in memcpy in zif_openssl_seal()).
+    (Stas)
 
 06 Jul 2017, PHP 7.2.0alpha3
 
-- 
2.50.1