Update NEWS file

This contains all the security fixes for July's release.
php · Jun 29, 2021 · 7fe7e31 · 7fe7e31
1 parent 09f0efc
commit 7fe7e31
Showing 1 changed file with 12 additions and 3 deletions.
diff --git a/NEWS b/NEWS
@@ -1,8 +1,5 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? ????, PHP 8.0.9
-
-
 17 Jun 2021, PHP 8.0.8RC1
 
 - Core:
@@ -14,6 +11,8 @@ PHP                                                                        NEWS
     (Nikita)
   . Fixed bug #81070 (Integer underflow in memory limit comparison).
     (Peter van Dommelen)
+  . Fixed bug #81122 (SSRF bypass in FILTER_VALIDATE_URL).
+    (CVE-2021-21705) (cmb)
 
 - Bzip2:
   . Fixed bug #81092 (fflush before stream_filter_remove corrupts stream).
@@ -43,6 +42,16 @@ PHP                                                                        NEWS
 - MySQLnd:
   . Fixed bug #80761 (PDO uses too much memory). (Nikita)
 
+- PDO_Firebird:
+   . Fixed bug #76448 (Stack buffer overflow in firebird_info_cb).
+    (CVE-2021-21704) (cmb)
+   . Fixed bug #76449 (SIGSEGV in firebird_handle_doer).
+    (CVE-2021-21704) (cmb)
+   . Fixed bug #76450 (SIGSEGV in firebird_stmt_execute).
+    (CVE-2021-21704) (cmb)
+   . Fixed bug #76452 (Crash while parsing blob data in firebird_fetch_blob).
+    (CVE-2021-21704) (cmb)
+
 - readline:
   . Fixed bug #72998 (invalid read in readline completion). (krakjoe)