diff --git a/NEWS b/NEWS
index 9e7234f..256b111 100644
--- a/NEWS
+++ b/NEWS
@@ -14,28 +14,100 @@ New in release OpenJDK 20.0.2 (2023-07-18):
   - CVE-2023-22049
   - CVE-2023-22036
   - CVE-2023-22006
+* Security fixes
+  - JDK-8299945: Update the release version after forking Apr CPU23_04
+  - JDK-8299946: Update the Jul CPU23_07 release date in master branch after forking Apr CPU23_04
+  - JDK-8299129: Enhance NameService lookups
+  - JDK-8295304: Runtime support improvements
+  - JDK-8300285: Enhance TLS data handling
+  - JDK-8298676: Enhanced Look and Feel
+  - JDK-8304460: Improve array usages
+  - JDK-8304468: Better array usages
+  - JDK-8302483: Enhance ZIP performance
+  - JDK-8305565: Incorrect milestone for release JDK 20.0.2
+  - JDK-8300596: Enhance Jar Signature validation
+  - JDK-8302475: Enhance HTTP client file downloading
+  - JDK-8305421: Work around JDK-8305420 in CDSJDITest.java
+  - JDK-8294323: Improve Shared Class Data
+  - JDK-8305312: Enhanced path handling
+  - JDK-8296565: Enhanced archival support
+  - JDK-8306049: Change milestone to fcs for all releases
+  - JDK-8303376: Better launching of JDI
+  - JDK-8308682: Enhance AES performance
 * Other changes
-  - JDK-8208077: File.listRoots performance degradation
-  - JDK-8304741 C2 Intrinsification of Float.floatToFloat16 and Float.float16ToFloat Yields Different Result than the Interpreter
-  - JDK-8306763 GHA: MSVC installation is failing
-  - JDK-8304075 Consider removal of expiry check in VerifyCACerts.java test
-  - JDK-8304077 The "ZonedDateTime.parse" may not accept the "UTC+XX" zone id
-  - JDK-8304227 Corrupted heap dumps due to missing retries for os::write()
-  - JDK-8304424 Update HarfBuzz to 7.0.1
-  - JDK-8304887 javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError
-  - JDK-8305123 javac regression: Compilation with --release 8 fails on underscore in enum identifiers
-  - JDK-8305537 Use default visibility for static library builds
-  - JDK-8305540 ArrayFill with store on backedge needs to reduce length by 1
-  - JDK-8305541 C2: Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE
-  - JDK-8305542 C2: PhaseCFG::convert_NeverBranch_to_Goto must handle both orders of successors
-  - JDK-8305546 C2: Arraycopy intrinsic throws incorrect exception
-  - JDK-8305548 use-after-free related to GraphKit::clone_map
-  - JDK-8305549 SIGSEGV in LibraryCallKit::inline_string_copy due to constant NULL src argument
-  - JDK-8305550 C2: CmpU::Value must filter overflow computation against local sub computation
-  - JDK-8305551 C2 compiled code crashes with SIGFPE with -XX:+StressLCM and -XX:+StressGCM
-  - JDK-8305554 C2: java.lang.StringUTF16::indexOfChar intrinsic called with negative character argument
-  - JDK-8305555 C2: assert(get_ctrl(n) == cle_out) during unrolling
-  - JDK-8305557 Vector.lane() gets wrong value on x86
+  - JDK-8304741: C2 Intrinsification of Float.floatToFloat16 and Float.float16ToFloat Yields Different Result than the Interpreter
+  - JDK-8306763: GHA: MSVC installation is failing
+  - JDK-8304075: Consider removal of expiry check in VerifyCACerts.java test
+  - JDK-8304077: The "ZonedDateTime.parse" may not accept the "UTC+XX" zone id
+  - JDK-8304227: Corrupted heap dumps due to missing retries for os::write()
+  - JDK-8304424: Update HarfBuzz to 7.0.1
+  - JDK-8304887: javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError
+  - JDK-8305123: javac regression: Compilation with --release 8 fails on underscore in enum identifiers
+  - JDK-8305537: Use default visibility for static library builds
+  - JDK-8305540: ArrayFill with store on backedge needs to reduce length by 1
+  - JDK-8305541: C2: Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE
+  - JDK-8305542: C2: PhaseCFG::convert_NeverBranch_to_Goto must handle both orders of successors
+  - JDK-8305546: C2: Arraycopy intrinsic throws incorrect exception
+  - JDK-8305548: use-after-free related to GraphKit::clone_map
+  - JDK-8305549: SIGSEGV in LibraryCallKit::inline_string_copy due to constant NULL src argument
+  - JDK-8305550: C2: CmpU::Value must filter overflow computation against local sub computation
+  - JDK-8305551: C2 compiled code crashes with SIGFPE with -XX:+StressLCM and -XX:+StressGCM
+  - JDK-8305554: C2: java.lang.StringUTF16::indexOfChar intrinsic called with negative character argument
+  - JDK-8305555: C2: assert(get_ctrl(n) == cle_out) during unrolling
+  - JDK-8305557: Vector.lane() gets wrong value on x86
+  - JDK-8305558: [JVMCI] Insufficient error handling when CodeBuffer is exhausted
+  - JDK-8305560: C2: "Bad graph detected in build_loop_late" after a CMove is wrongly split thru phi
+  - JDK-8305561: DebugNonSafepoints generates incorrect information
+  - JDK-8305850: Fastdebug build fails after JDK-8296389
+  - JDK-8305851: use-def assert: special case undetected loops nested in infinite loops
+  - JDK-8305865: (tz) Update Timezone Data to 2023c
+  - JDK-8305876: Special case infinite loops with unmerged backedges in IdealLoopTree::check_safepts
+  - JDK-8306319: Add the runtime version in the release file of a JDK image
+  - JDK-8306478: On the latest macOS+XCode the Robot API may report wrong colors
+  - JDK-8306750: Upgrade JLine to 3.22.0
+  - JDK-8306751: JShell does not switch to raw mode when there is no /bin/test
+  - JDK-8306771: [AIX] Broken build after JDK-8301998
+  - JDK-8307107: updateIconImages may lead to deadlock after JDK-8276849
+  - JDK-8307111: Shenandoah evacuation workers may deadlock
+  - JDK-8307112: GHA: MSVC installation could be optional since it might already be pre-installed
+  - JDK-8307151: Shenandoah: Missing barriers on deoptimization path
+  - JDK-8307364: Make runtime/Monitor/GuaranteedAsyncDeflationIntervalTest.java more reliable
+  - JDK-8307372: Add TWCA Global Root CA
+  - JDK-8307373: Add 2 Microsoft TLS roots
+  - JDK-8307391: Monitor deflation might be accidentally disabled by zero intervals
+  - JDK-8307631: Add GTS root CAs
+  - JDK-8308008: java.time.Instant calculation bug in until and between methods
+  - JDK-8309850: ConcurrentModificationException in javadoc tool
+  - JDK-8301870: Include cdb in the Windows devkit
+  - JDK-8303906: Update jdk20u fix version to 20.0.2
+  - JDK-8303958: Missing Classpath exception from Continuation.c
+  - JDK-8304417: GCC 12 reports some compiler warnings in bundled freetype
+  - JDK-8304981: jcmd: ManagementAgent.status truncates the text longer than O_BUFLEN
+  - JDK-8305545: [JVMCI] HotSpotResolvedJavaMethodImpl.canBeInlined must respect ForceInline
+  - JDK-8305547: use-after-free in Node::destruct
+  - JDK-8305552: [JVMCI] BytecodeFrame.equals is broken
+  - JDK-8305553: C2: assert in PhaseIdealLoop::do_unroll() is subject to undefined behavior
+  - JDK-8305789: Update Commons BCEL to Version 6.7.0
+  - JDK-8305849: Memory leak in CompilerOracle::parse_from_line
+  - JDK-8305859: ProblemList runtime/CompressedOops/CompressedClassPointers.java
+  - JDK-8305948: Performance degradation for float/double modulo on Linux
+  - JDK-8306448: NoClassDefFoundError omits the original cause of an error
+  - JDK-8307209: Thread stacksize is reported with wrong units in os::create_thread logging
+  - JDK-8307360: [vectorapi] The typeChar of LaneType is incorrect when default locale is tr
+  - JDK-8307361: Guarantee eventual async monitor deflation
+  - JDK-8307380: harfbuzz build fails with GCC 7 after JDK-8301998
+  - JDK-8307419: UTIL_LOOKUP_PROGS fails on pathes with space
+  - JDK-8307420: UTIL_REQUIRE_SPECIAL warning on grep
+  - JDK-8307705: Support for GB18030-2022
+  - JDK-8308112: Allow collectors to provide specific values for GC notifications' actions
+  - JDK-8308390: Font.getStringBounds calculates wrong width for TextAttribute.TRACKING other than 0.0
+  - JDK-8308418: Socket input stream read burns CPU cycles with back-to-back poll(0) calls
+  - JDK-8308457: [AIX] VM crashes with UseRTMLocking on Power10
+  - JDK-8308693: Add missing gc+phases logging for ObjectCount(AfterGC) JFR event collection code
+  - JDK-8309483: PPC: Non-Top Interpreted frames should be independent of ABI_ELFv2
+  - JDK-8305544: UB: Compile::_phase_optimize_finished is initialized too late
+  - JDK-8305556: Memory leak in WB_IsMethodCompatible
+  - JDK-8305559: Identical branch conditions in CompileBroker::print_heapinfo
 
 The full list of changes in 20u can be found at:
 -  * https://builds.shipilev.net/backports-monitor/release-notes-20.0.2.txt