diff --git a/NEWS b/NEWS
index d3604ee6eb2..9c400e04374 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,20 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, PHP 7.2.0beta1 +- Core: + . Fixed bug #74603 (PHP INI Parsing Stack Buffer Overflow Vulnerability). + (Stas) + . Fixed bug #74111 (Heap buffer overread (READ: 1) finish_nested_data from + unserialize). (Nikita) + . Fixed bug #74819 (wddx_deserialize() heap out-of-bound read via + php_parse_date()). (Derick) + +- GD: + . Fixed bug #74435 (Buffer over-read into uninitialized memory). (cmb) + +- OpenSSL: + . Fixed bug #74651 (negative-size-param (-1) in memcpy in zif_openssl_seal()). + (Stas) 06 Jul 2017, PHP 7.2.0alpha3
diff --git a/README.RELEASE_PROCESS b/README.RELEASE_PROCESS
index ba3019ba389..112d5036c26 100644
--- a/README.RELEASE_PROCESS
+++ b/README.RELEASE_PROCESS
@@ -130,8 +130,8 @@ highlight the major important things (security fixes) and when it is important to upgrade. a. Call php bin/createNewsEntry in your local phpweb checkout - Use category "releases" for all non-stable releases. - Use category "frontpage" for X.Y.0 non-stable releases only. + Use category "releases" for all stable releases. + Use category "frontpage" for X.Y.0 non-stable releases only (news only). b. Add the content for the news entry. Be sure to include the text: "THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION!"
diff --git a/ext/opcache/Optimizer/zend_optimizer.c b/ext/opcache/Optimizer/zend_optimizer.c
index f054d104496..ce381388f52 100644
--- a/ext/opcache/Optimizer/zend_optimizer.c
+++ b/ext/opcache/Optimizer/zend_optimizer.c
@@ -1260,6 +1260,8 @@ int zend_optimize_script(zend_script *script, zend_long optimization_level, zend } if (debug_level & ZEND_DUMP_AFTER_OPTIMIZER) { + zend_dump_op_array(&script->main_op_array, ZEND_DUMP_RT_CONSTANTS, "after optimizer", NULL); + ZEND_HASH_FOREACH_PTR(&script->function_table, op_array) { zend_dump_op_array(op_array, ZEND_DUMP_RT_CONSTANTS, "after optimizer", NULL); } ZEND_HASH_FOREACH_END();
diff --git a/ext/standard/dl.c b/ext/standard/dl.c
index 050516639e1..5adae805ce6 100644
--- a/ext/standard/dl.c
+++ b/ext/standard/dl.c
@@ -116,17 +116,15 @@ PHPAPI int php_load_extension(char *filename, int type, int start_now) } else { spprintf(&libpath, 0, "%s%c%s", extension_dir, DEFAULT_SLASH, filename); /* SAFE */ } + if (VCWD_ACCESS(libpath, F_OK)) { /* If file does not exist, consider as extension name and build file name */ - const char *libpath_prefix = ""; char *orig_libpath = libpath; -#if PHP_WIN32 - libpath_prefix = "php_"; -#endif + if (slash_suffix) { - spprintf(&libpath, 0, "%s%s%s." PHP_SHLIB_SUFFIX, extension_dir, libpath_prefix, filename); /* SAFE */ + spprintf(&libpath, 0, "%s" PHP_SHLIB_EXT_PREFIX "%s." PHP_SHLIB_SUFFIX, extension_dir, filename); /* SAFE */ } else { - spprintf(&libpath, 0, "%s%c%s%s." PHP_SHLIB_SUFFIX, extension_dir, DEFAULT_SLASH, libpath_prefix, filename); /* SAFE */ + spprintf(&libpath, 0, "%s%c" PHP_SHLIB_EXT_PREFIX "%s." PHP_SHLIB_SUFFIX, extension_dir, DEFAULT_SLASH, filename); /* SAFE */ } if (VCWD_ACCESS(libpath, F_OK)) {
diff --git a/main/build-defs.h.in b/main/build-defs.h.in
index c82982a32a1..fb9bc7f8818 100644
--- a/main/build-defs.h.in
+++ b/main/build-defs.h.in
@@ -89,3 +89,4 @@ #define PHP_CONFIG_FILE_PATH "@EXPANDED_PHP_CONFIG_FILE_PATH@" #define PHP_CONFIG_FILE_SCAN_DIR "@EXPANDED_PHP_CONFIG_FILE_SCAN_DIR@" #define PHP_SHLIB_SUFFIX "@SHLIB_DL_SUFFIX_NAME@" +#define PHP_SHLIB_EXT_PREFIX ""
diff --git a/main/php_ini.c b/main/php_ini.c
index 8b53f304413..98896a5f866 100644
--- a/main/php_ini.c
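Review bot: In the ext/standard/dl.c hunk the two new `spprintf` calls paste `PHP_SHLIB_EXT_PREFIX` into the format string by literal concatenation, whereas the removed code passed the prefix as a `%s` argument; a `%` in any later definition of the macro would be parsed as a conversion specifier and misalign the remaining arguments. Both values defined in this commit (`""` and `"php_"`) are harmless, and `PHP_SHLIB_SUFFIX` is already treated the same way, so this is a documentation point rather than a defect. I would add `/* Pasted into spprintf() format strings by the extension loaders; must not contain '%'. */` above the `#define PHP_SHLIB_EXT_PREFIX` lines in main/build-defs.h.in and win32/build/config.w32.h.in. The same concatenation appears in the main/php_ini.c hunk. php_load_extension starts and ends outside the hunk, so how `filename` is validated before it reaches these calls is not visible here.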
+++ b/main/php_ini.c
@@ -375,16 +375,12 @@ static void php_load_zend_extension_cb(void *arg) if (VCWD_ACCESS(libpath, F_OK)) { /* If file does not exist, consider as extension name and build file name */ - const char *libpath_prefix = ""; char *orig_libpath = libpath; -#if PHP_WIN32 - libpath_prefix = "php_"; -#endif if (slash_suffix) { - spprintf(&libpath, 0, "%s%s%s." PHP_SHLIB_SUFFIX, extension_dir, libpath_prefix, filename); /* SAFE */ + spprintf(&libpath, 0, "%s" PHP_SHLIB_EXT_PREFIX "%s." PHP_SHLIB_SUFFIX, extension_dir, filename); /* SAFE */ } else { - spprintf(&libpath, 0, "%s%c%s%s." PHP_SHLIB_SUFFIX, extension_dir, DEFAULT_SLASH, libpath_prefix, filename); /* SAFE */ + spprintf(&libpath, 0, "%s%c" PHP_SHLIB_EXT_PREFIX "%s." PHP_SHLIB_SUFFIX, extension_dir, DEFAULT_SLASH, filename); /* SAFE */ } if (VCWD_ACCESS(libpath, F_OK)) {
diff --git a/win32/build/config.w32.h.in b/win32/build/config.w32.h.in
index 573eb95a94e..9572f65d821 100644
--- a/win32/build/config.w32.h.in
+++ b/win32/build/config.w32.h.in
@@ -136,6 +136,7 @@ #define HAVE_FNMATCH #define HAVE_GLOB #define PHP_SHLIB_SUFFIX "dll" +#define PHP_SHLIB_EXT_PREFIX "php_" #define HAVE_SQLDATASOURCES /* Win32 supports strcoll */
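Review bot: The fallback in php_load_zend_extension_cb that rebuilds `libpath` from `extension_dir`, the prefix and `filename` is now a line-for-line copy of the one in php_load_extension (ext/standard/dl.c), so the rule that turns a configured extension name into the path that gets loaded lives in two places and can drift. Since this code decides which shared object is opened, a single shared helper used by both callers would be easier to audit than two copies. Short of that, I would add `/* Keep in sync with php_load_extension() in ext/standard/dl.c */` above the `if (slash_suffix)` branch here and the mirror comment in dl.c. The function body starts and ends outside the hunk, so what happens to `orig_libpath` after the second `VCWD_ACCESS` check is not visible.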