Merge pull request #6407 from chef/tm/relnotes_12

Update Chef 12 release notes with CVEs
author: Thom May <thom@may.lt> 2017-09-14 21:06:16 +0100
committer: GitHub <noreply@github.com> 2017-09-14 21:06:16 +0100
commit: 67a37b7bb76a2bf22cf68e18d44be043de9d7e2b (patch)
tree: 7558897172a733491c9370dd81edb89d6515234d
parent: 8ca7cc6d4173d53856dab69d40cbf4f1821830dd (diff)
parent: f6c5328b9f1dcd8ee3388a94f60d96c84d8f3e70 (diff)
download: chef-67a37b7bb76a2bf22cf68e18d44be043de9d7e2b.tar.gz
1 files changed, 15 insertions, 1 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 1be788ac43..a608ed415d 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -4,7 +4,21 @@ _This file holds "in progress" release notes for the current release under devel
 
 ## Security Fixes
 
-This release of Chef Client contains a new version of zlib, fixing 4
+This release of Chef Client contains Ruby 2.3.5, fixing 4 CVEs:
+
+  * CVE-2017-0898
+  * CVE-2017-10784
+  * CVE-2017-14033
+  * CVE-2017-14064
+
+It also contains a new version of Rubygems, fixing 4 CVEs:
+
+  * CVE-2017-0899
+  * CVE-2017-0900
+  * CVE-2017-0901
+  * CVE-2017-0902
+
+This release also contains a new version of zlib, fixing 4
 CVEs:
 
  *  [CVE-2016-9840](https://www.cvedetails.com/cve/CVE-2016-9840/)
author	Thom May <thom@may.lt>	2017-09-14 21:06:16 +0100
committer	GitHub <noreply@github.com>	2017-09-14 21:06:16 +0100
commit	67a37b7bb76a2bf22cf68e18d44be043de9d7e2b (patch)
tree	7558897172a733491c9370dd81edb89d6515234d
parent	8ca7cc6d4173d53856dab69d40cbf4f1821830dd (diff)
parent	f6c5328b9f1dcd8ee3388a94f60d96c84d8f3e70 (diff)
download	chef-67a37b7bb76a2bf22cf68e18d44be043de9d7e2b.tar.gz