From f423e1bb895d64c50dc538e8cdc556324e8b8cc2 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Tue, 24 May 2016 15:56:02 -0700
Subject: Update NEWS

---
 NEWS | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index a7e00962c8..f824cea0e0 100644
--- a/NEWS
+++ b/NEWS
@@ -2,13 +2,23 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ** PHP 5.5 is in security-only mode , please do not commit to this branch **
 
-??? 2016, PHP 5.5.36
+26 May 2016, PHP 5.5.36
+
+- Core:
+  . Fixed bug #72114 (Integer underflow / arbitrary null write in
+    fread/gzread). (Stas)
+  . Fixed bug #72135 (Integer Overflow in php_html_entities). (Stas)
+
+- GD:
+   . Fixed bug ##72227 (imagescale out-of-bounds read). (Stas)
+
+- Intl:
+   . Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (Stas)
 
 - Phar:
   . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
     (CVE-2016-4343) (Stas)
 
-
 28 Apr 2016, PHP 5.5.35
 
 - BCMath:
-- 
cgit v1.2.1