1 files changed, 20 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index b14ce1b645..7640a0ddd5 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,6 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-30 Apr 2015, PHP 5.6.9RC1
+14 May 2015, PHP 5.6.9
 
 - Core:
   . Fixed bug #69467 (Wrong checked for the interface by using Trait). 
@@ -15,6 +15,15 @@ PHP                                                                        NEWS
     (Nikita)
   . Fixed bug #69472 (php_sys_readlink ignores misc errors from
        GetFinalPathNameByHandleA). (Jan Starke)
+  . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
+  . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
+    (Stas)
+  . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
+  . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
+
+- FTP:
+  . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
+    overflow). (Stas)
 
 - ODBC:
   . Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0).
@@ -28,6 +37,16 @@ PHP                                                                        NEWS
   . Fixed bug #69402 (Reading empty SSL stream hangs until timeout).
     (Daniel Lowrey)
 
+- PCNTL:
+  . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
+
+- PCRE
+  . Upgraded pcrelib to 8.37.
+
+- Phar:
+  . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
+    filename starts with null). (Stas)
+
 16 Apr 2015, PHP 5.6.8
 
 - Core: