perldelta: two CVE notices

author: Ricardo Signes <rjbs@cpan.org> 2016-01-11 09:22:10 -0500
committer: Ricardo Signes <rjbs@cpan.org> 2016-01-11 09:22:10 -0500
commit: 3c312e43c08e5ccfdc2dce4a2576e629e7a9934c (patch)
tree: 8beb3bf087c3d94c75bd740eeecffddde50103cc
parent: 43db0843f0ee392f73efdeb31f58b713707b7227 (diff)
download: perl-3c312e43c08e5ccfdc2dce4a2576e629e7a9934c.tar.gz
1 files changed, 8 insertions, 4 deletions
diff --git a/pod/perldelta.pod b/pod/perldelta.pod
index b96db871da..2975bf57d8 100644
--- a/pod/perldelta.pod
+++ b/pod/perldelta.pod
@@ -29,11 +29,15 @@ here, but most should go in the L</Performance Enhancements> section.
 
 =head1 Security
 
-XXX Any security-related notices go here.  In particular, any security
-vulnerabilities closed should be noted here rather than in the
-L</Selected Bug Fixes> section.
+=head2 fix out of boundary access in Win32 path handling
 
-[ List each security issue as a =head2 entry ]
+This is CVE-2015-8608.  For more information see
+L<[perl #126755]|https://rt.perl.org/Ticket/Display.html?id=126755>
+
+=head2 fix loss of taint in canonpath
+
+This is CVE-2015-8607.  For more information see
+L<[perl #126862]|https://rt.perl.org/Ticket/Display.html?id=126862>
 
 =head1 Incompatible Changes
author	Ricardo Signes <rjbs@cpan.org>	2016-01-11 09:22:10 -0500
committer	Ricardo Signes <rjbs@cpan.org>	2016-01-11 09:22:10 -0500
commit	3c312e43c08e5ccfdc2dce4a2576e629e7a9934c (patch)
tree	8beb3bf087c3d94c75bd740eeecffddde50103cc
parent	43db0843f0ee392f73efdeb31f58b713707b7227 (diff)
download	perl-3c312e43c08e5ccfdc2dce4a2576e629e7a9934c.tar.gz