From 0f1deac71ead2c4fdfb4d757975c1d5d5eac87f1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 6 Feb 2013 11:02:18 +0100
Subject: RELEASE-NOTES: mention the SASL buffer overflow

---
 RELEASE-NOTES | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 371654a9a..f28d2c87e 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -7,6 +7,10 @@ Curl and libcurl 7.29.0
  Known libcurl bindings:       39
  Contributors:                 993
 
+This release includes the following securify fix:
+
+ o POP3/IMAP/SMTP SASL buffer overflow vulnerability [17]
+
 This release includes the following changes:
 
  o test: offer "automake" output and check for perl better
@@ -70,7 +74,8 @@ advice from friends like these:
  Yang Tse, Balaji Parasuram, Dan Fandrich, Bob Relyea, Gisle Vanem,
  Yves Arrouye, Kai Engert, Lluís Batlle i Rossell, Jirí Hruka,
  John E. Malmberg, Tor Arntsen, Matt Arsenault, Sergei Nikulov,
- Guenter Knauf, Craig Davison, Ulrich Doehner, Jiri Jaburek, Bruno de Carvalho
+ Guenter Knauf, Craig Davison, Ulrich Doehner, Jiri Jaburek, Bruno de Carvalho,
+ Eldar Zaitov
 
         Thanks! (and sorry if I forgot to mention someone)
 
@@ -92,3 +97,4 @@ References to bug reports and discussions on issues:
  [14] = http://curl.haxx.se/mail/lib-2013-01/0295.html
  [15] = http://curl.haxx.se/bug/view.cgi?id=1186
  [16] = http://curl.haxx.se/bug/view.cgi?id=1187
+ [17] = http://curl.haxx.se/docs/adv_20130206.html
-- 
cgit v1.2.3