From fc39bb9da93b30e846fe7662c15d69d31cf31462 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 15 Mar 2020 19:35:01 -0700
Subject: [PATCH] [ci skip] Update NEWS

---
 NEWS | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/NEWS b/NEWS
index f984953e0d4..419bc047233 100644
--- a/NEWS
+++ b/NEWS
@@ -5,11 +5,25 @@ PHP                                                                        NEWS
 
 - Core:
   . Fixed bug #79364 (When copy empty array, next key is unspecified). (cmb)
+  . Fixed bug #79329 (get_headers() silently truncates after a null byte) 
+    (CVE-2020-7066) (cmb)
   . Fixed bug #78210 (Invalid pointer address). (cmb, Nikita)
 
 - CURL:
   . Fixed bug #79199 (curl_copy_handle() memory leak). (cmb)
 
+- EXIF:
+  . Fixed bug #79282 (Use-of-uninitialized-value in exif) (CVE-2020-7064)
+    (Nikita)
+
+- Fileinfo:
+  . Fixed bug #79283 (Segfault in libmagic patch contains a buffer
+    overflow) (cmb)
+
+- MBstring:
+  . Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at 
+    php_unicode_tolower_full) (CVE-2020-7065) (cmb)
+
 - SimpleXML:
   . Fixed bug #61597 (SXE properties may lack attributes and content). (cmb)