From f6c5328b9f1dcd8ee3388a94f60d96c84d8f3e70 Mon Sep 17 00:00:00 2001
From: Thom May <thom@chef.io>
Date: Thu, 14 Sep 2017 20:14:09 +0100
Subject: Update Chef 12 release notes with CVEs

Signed-off-by: Thom May <thom@chef.io>
---
 RELEASE_NOTES.md | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 1be788ac43..a608ed415d 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -4,7 +4,21 @@ _This file holds "in progress" release notes for the current release under devel
 
 ## Security Fixes
 
-This release of Chef Client contains a new version of zlib, fixing 4
+This release of Chef Client contains Ruby 2.3.5, fixing 4 CVEs:
+
+  * CVE-2017-0898
+  * CVE-2017-10784
+  * CVE-2017-14033
+  * CVE-2017-14064
+
+It also contains a new version of Rubygems, fixing 4 CVEs:
+
+  * CVE-2017-0899
+  * CVE-2017-0900
+  * CVE-2017-0901
+  * CVE-2017-0902
+
+This release also contains a new version of zlib, fixing 4
 CVEs:
 
  *  [CVE-2016-9840](https://www.cvedetails.com/cve/CVE-2016-9840/)
-- 
cgit v1.2.1