From c9ac441fe883ef1980d5374c3ef09eb1048a532a Mon Sep 17 00:00:00 2001
From: Lior Kaplan <kaplanlior@gmail.com>
Date: Fri, 22 May 2015 10:58:28 +0300
Subject: [PATCH] Add CVE for bugs in 5.5.25

---
 NEWS | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/NEWS b/NEWS
index 2cae7404e9..0ccc88c8ac 100644
--- a/NEWS
+++ b/NEWS
@@ -30,10 +30,12 @@ PHP                                                                        NEWS
 14 May 2015, PHP 5.5.25
 
 - Core:
-  . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
+  . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability).
+    (CVE-2015-4024) (Stas)
   . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). 
     (Stas)
-  . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
+  . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (CVE-2015-4025)
+    (Stas)
   . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
   . Fixed bug #69467 (Wrong checked for the interface by using Trait). 
     (Laruence)
@@ -50,7 +52,7 @@ PHP                                                                        NEWS
 
 - FTP:
   . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
-    overflow). (Stas)
+    overflow). (CVE-2015-4022) (Stas)
 
 - ODBC:
   . Fixed bug #69474 (ODBC: Query with same field name from two tables returns
@@ -63,11 +65,12 @@ PHP                                                                        NEWS
     (Daniel Lowrey)
 
 - PCNTL:
-  . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
+  . Fixed bug #68598 (pcntl_exec() should not allow null char). (CVE-2015-4026)
+    (Stas)
 
 - Phar:
-  . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename
-    starts with null). (Stas)
+  . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
+    filename starts with null). (CVE-2015-4021) (Stas)
 
 16 Apr 2015, PHP 5.5.24
 
-- 
2.40.0