From db28ee8fd0564082511159b64294074d9122935f Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 26 Oct 2022 14:18:19 +0200
Subject: [PATCH] move CVEs in 8.0.25 changelog

---
 NEWS | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/NEWS b/NEWS
index ce320582fe5..9779ec74dd5 100644
--- a/NEWS
+++ b/NEWS
@@ -5,14 +5,6 @@ PHP                                                                        NEWS
 - CLI:
   . Fixed bug GH-9709 (Null pointer dereference with -w/-s options). (Adam Saponara)
 
-- GD:
-  . Fixed bug #81739: OOB read due to insufficient input validation in
-    imageloadfont(). (CVE-2022-31630) (cmb)
-
-- Hash:
-  . Fixed bug #81738: buffer overflow in hash_update() on long parameter. 
-    (CVE-2022-37454) (nicky at mouha dot be)
-
 - Core:
   . Fixed bug GH-9752 (Generator crashes when interrupted during argument
     evaluation with extra named params). (Arnaud)
@@ -33,6 +25,14 @@ PHP                                                                        NEWS
 
 27 Oct 2022, PHP 8.0.25
 
+- GD:
+  . Fixed bug #81739: OOB read due to insufficient input validation in
+    imageloadfont(). (CVE-2022-31630) (cmb)
+
+- Hash:
+  . Fixed bug #81738: buffer overflow in hash_update() on long parameter.
+    (CVE-2022-37454) (nicky at mouha dot be)
+
 - Session:
   . Fixed bug GH-9583 (session_create_id() fails with user defined save handler
     that doesn't have a validateId() method). (Girgias)