# HG changeset patch
# User Andrew John Hughes <ahughes@redhat.com>
# Date 1297688066 0
# Node ID e524c624d58ac1f44a6596159b41a622d694cf3e
# Parent  66db0252562cd8d35bc1e7db6a7f0abec5941a7f
Add CVE and RH bug ID for NetX security fix.

2011-02-14  Andrew John Hughes  <ahughes@redhat.com>

	* NEWS: Add CVE and bug ID for NetX
	security fix.

diff -r 66db0252562c -r e524c624d58a ChangeLog
--- a/ChangeLog	Mon Feb 14 02:17:45 2011 +0000
+++ b/ChangeLog	Mon Feb 14 12:54:26 2011 +0000
@@ -10,6 +10,11 @@
 
 	* configure.ac: Bump to 1.9.7.
 
+2011-02-14  Andrew John Hughes  <ahughes@redhat.com>
+
+	* NEWS: Add CVE and bug ID for NetX
+	security fix.
+
 2011-02-13  Andrew John Hughes  <ahughes@redhat.com>
 
 	* NEWS: Updated.
diff -r 66db0252562c -r e524c624d58a NEWS
--- a/NEWS	Mon Feb 14 02:17:45 2011 +0000
+++ b/NEWS	Mon Feb 14 12:54:26 2011 +0000
@@ -18,7 +18,7 @@
   - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
   - S6985453, CVE-2010-4471: Java2D font-related system property leak
   - S6927050, CVE-2010-4470: JAXP untrusted component state manipulation
-  - Vulnerability in permissions assigned to applets with multiple JARs
+  - RH677332, CVE-2011-0706: Multiple signers privilege escalation
 * Bug fixes
   - RH676659: Pass -export-dynamic flag to linker using -Wl, as option in gcc 4.6+ is broken
   - G344659: Fix issue when building on SPARC