1 files changed, 68 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 0aca85c9ea..844b536239 100644
--- a/NEWS
+++ b/NEWS
@@ -1,14 +1,25 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? 2014, PHP 5.6.0 Beta 1
+?? ??? 2014, PHP 5.6.0 Beta 2
+
+10 Apr 2014, PHP 5.6.0 Beta 1
 
 - Core:
   . Allow zero length comparison in substr_compare() (Tjerk)
   . Fixed bug #60602 (proc_open() changes environment array) (Tjerk)
+  . Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike)
+  . Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace 
+    UNIX sockets). (Mike)
+  . Fixed bug #66182 (exit in stream filter produces segfault). (Mike)  
+  . Fixed bug #66736 (fpassthru broken). (Mike)
   . Fixed bug #66822 (Cannot use T_POW in const expression) (Tjerk)
+  . Fixed bug #67043 (substr_compare broke by previous change) (Tjerk)
 
 - SPL:
   . Added feature #65545 (SplFileObject::fread()) (Tjerk)
+  . Fixed bug #66834 (empty() does not work on classes that extend ArrayObject) (Tjerk)
+  . Fixed bug #66702 (RegexIterator::INVERT_MATCH does not invert). (Joshua
+    Thijssen)
 
 - cURL:
   . Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour)
@@ -20,20 +31,47 @@ PHP                                                                        NEWS
   . Added DateTimeImmutable::createFromMutable to create a DateTimeImmutable
     object from an existing DateTime (mutable) object (Derick)
 
+- Embed:
+  . Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol).
+
+- Fileinfo:
+  . Fixed bug #66820 (out-of-bounds memory access in fileinfo)
+    (CVE-2014-2270). (Remi)
+  . Fixed bug #66946i (fileinfo: extensive backtracking in awk rule regular
+    expression). (CVE-2013-7345) (Remi)
+  . Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian).
+    (Remi)
+
+
 - GD:
   . Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer
     CVE-2013-7327). (Tomas Hoger, Remi).
+  . Fixed #66869 (Invalid 2nd argument crashes imageaffinematrixget) (Pierre)
   . Fixed bug #66887 (imagescale - poor quality of scaled image). (Remi)
   . Fixed bug #66890 (imagescale segfault). (Remi)
   . Fixed bug #66893 (imagescale ignore method argument). (Remi)
 
+- GMP:
+  . Fixed bug #66872 (invalid argument crashes gmp_testbit) (Pierre)
+
 - Hash:
   . Fixed bug #66698 (Missing FNV1a32 and FNV1a64 hash functions).
     (Michael M Slusarz).
+  . Implemented timing attack safe string comparison function
+    (RFC: https://wiki.php.net/rfc/timing_attack). (Rouven Weßling)
+  . hash_pbkdf2() now works correctly if the $length argument is not specified.
+    (Nikita)
+
+- Intl:
+  . Fixed bug #66873 (A reproductible crash in UConverter when given invalid
+    encoding) (Stas)
 
 - Mail:
   . Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk)
 
+- Mbstring:
+  . Upgraded to oniguruma 5.9.5 (Anatol)
+
 - Mcrypt:
   . No longer allow invalid key sizes, invalid IV sizes or missing required IV
     in mcrypt_encrypt, mcrypt_decrypt and the deprecated mode functions.
@@ -55,6 +93,13 @@ PHP                                                                        NEWS
     peer verification fails. (Daniel Lowrey)
   . Encrypted TLS servers now support the server name indication TLS extension
     via the new  "SNI_server_certs" SSL context option. (Daniel Lowrey)
+  . Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi)
+
+- PCRE:
+  . Added support for (*MARK) backtracking verbs. (Nikita)
+
+- PDO_firebird:
+  . Fixed Bug #66071 (memory corruption in error handling) (Popa)
 
 - PDO_pgsql:
   . Cleaned up code by increasing the requirements to libpq versions providing
@@ -67,9 +112,31 @@ PHP                                                                        NEWS
     without preparing them, while still passing parameters separately from
     the command text using PQexecParams. (Matteo)
 
+- Pgsql:
+  . Read-only access to the socket stream underlying database connections is
+    exposed via a new pg_socket() function to allow read/write polling when
+    establishing asynchronous connections and executing queries in non-blocking
+    applications. (Daniel Lowrey)
+  . Asynchronous connections are now possible using the PGSQL_CONNECT_ASYNC
+    flag in conjunction with a new pg_connect_poll() function and connection
+    polling status constants. (Daniel Lowrey)
+  . New pg_flush() and pg_consume_input() functions added to manually complete
+    non-blocking reads/writes to underlying connection sockets. (Daniel Lowrey)
+
+- Session
+  . Remove session_gc() and session_serializer_name() wich were introduced in the first 5.6.0 alpha.
+
+- SimpleXML:
+  . Fixed bug #66084 (simplexml_load_string() mangles empty node name)
+    (Anatol)
+
 - SQLite:
   . Updated the bundled libsqlite to the version 3.8.3.1 (Anatol)
 
+- XSL:
+  . Fixed bug #53965 (<xsl:include> cannot find files with relative paths
+    when loaded with "file://"). (Anatol)
+
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 27 Feb 2014, PHP 5.6.0 Alpha 3