From 12107d619b4380efa8543046357af07b7733020d Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Tue, 4 Jul 2017 19:30:29 -0700
Subject: Update NEWS

---
 NEWS | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index 877e450586..d9ca91ab0d 100644
--- a/NEWS
+++ b/NEWS
@@ -2,9 +2,25 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ?? 2017, PHP 5.6.31
 
-- Core
+- Core:
   . Fixed bug #73807 (Performance problem with processing post request over
     2000000 chars). (Nikita)
+  . Fixed bug #74111 (Heap buffer overread (READ: 1) finish_nested_data from
+    unserialize). (Nikita)
+  . Fixed bug #74603 (PHP INI Parsing Stack Buffer Overflow Vulnerability).
+    (Stas)
+  . Fixed bug #74819 (wddx_deserialize() heap out-of-bound read via 
+    php_parse_date()). (Derick)
+
+GD:
+  . Fixed bug #74435 (Buffer over-read into uninitialized memory). (cmb)
+
+OpenSSL:
+  . Fixed bug #74651 (negative-size-param (-1) in memcpy in zif_openssl_seal()).
+    (Stas)
+
+WDDX:
+   . Fixed bug #74145 (wddx parsing empty boolean tag leads to SIGSEGV). (Stas)
 
 19 Jan 2017, PHP 5.6.30
 
-- 
cgit v1.2.1