Add security updates to the release notes

Signed-off-by: Tim Smith <tsmith@chef.io>
author: Tim Smith <tsmith84@gmail.com> 2019-09-11 14:13:14 -0700
committer: Tim Smith <tsmith84@gmail.com> 2019-09-11 14:13:14 -0700
commit: 37ee85044a8ca7f286ae7eb558c34680dbcd5dc4 (patch)
tree: efaa0c487011be817f6755f7e45ae878c271ff5b
parent: 3498039af9402f0025c48ab0cba9c0f7ed9764eb (diff)
download: chef-37ee85044a8ca7f286ae7eb558c34680dbcd5dc4.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index eb068f3278..23e2fdd567 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -87,6 +87,20 @@ Chef InSpec has been updated from 4.10.4 to 4.16.0 with the following changes:
 - The `service` resource now includes a new `startname` property for determining which user is starting the Windows services.
 - The `groups` resource now properly gathers membership information on macOS hosts.
 
+## Security Updates
+
+### Ruby
+
+Ruby has been updated from 2.6.3 to 2.6.4 in order to resolve [CVE-2012-6708](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6708) and [CVE-2015-9251](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251).
+
+### openssl
+
+openssl has been updated from 1.0.2s to 1.0.2s in order to resolve [CVE-2019-1563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563) and [CVE-2019-1547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547).
+
+### nokogiri
+
+nokogori has been updated from 1.10.2 to 1.10.4 in order to resolve [CVE-2019-5477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477)
+
 # Chef Infra Client 15.2
 
 ## Updated Resources
author	Tim Smith <tsmith84@gmail.com>	2019-09-11 14:13:14 -0700
committer	Tim Smith <tsmith84@gmail.com>	2019-09-11 14:13:14 -0700
commit	37ee85044a8ca7f286ae7eb558c34680dbcd5dc4 (patch)
tree	efaa0c487011be817f6755f7e45ae878c271ff5b
parent	3498039af9402f0025c48ab0cba9c0f7ed9764eb (diff)
download	chef-37ee85044a8ca7f286ae7eb558c34680dbcd5dc4.tar.gz