perldelta: two CVE notices

author: Ricardo Signes <rjbs@cpan.org> 2016-01-11 09:20:12 -0500
committer: Ricardo Signes <rjbs@cpan.org> 2016-01-11 09:20:12 -0500
commit: 7feb15ec4efe15bcbcc629795cedc8698a59cded (patch)
tree: 9594727f8689a43603ccbe6a2728547a6c7056ba /pod
parent: c0db05918c68753af58edd2906e7dfbd8d6a4e26 (diff)
download: perl-7feb15ec4efe15bcbcc629795cedc8698a59cded.tar.gz
1 files changed, 8 insertions, 4 deletions
diff --git a/pod/perldelta.pod b/pod/perldelta.pod
index f97c710009..ca186de6f3 100644
--- a/pod/perldelta.pod
+++ b/pod/perldelta.pod
@@ -29,11 +29,15 @@ here, but most should go in the L</Performance Enhancements> section.
 
 =head1 Security
 
-XXX Any security-related notices go here.  In particular, any security
-vulnerabilities closed should be noted here rather than in the
-L</Selected Bug Fixes> section.
+=head2 fix out of boundary access in Win32 path handling
 
-[ List each security issue as a =head2 entry ]
+This is CVE-2015-8608.  For more information see
+L<[perl #126755]|https://rt.perl.org/Ticket/Display.html?id=126755>
+
+=head2 fix loss of taint in canonpath
+
+This is CVE-2015-8607.  For more information see
+L<[perl #126862]|https://rt.perl.org/Ticket/Display.html?id=126862>
 
 =head1 Incompatible Changes
author	Ricardo Signes <rjbs@cpan.org>	2016-01-11 09:20:12 -0500
committer	Ricardo Signes <rjbs@cpan.org>	2016-01-11 09:20:12 -0500
commit	7feb15ec4efe15bcbcc629795cedc8698a59cded (patch)
tree	9594727f8689a43603ccbe6a2728547a6c7056ba /pod
parent	c0db05918c68753af58edd2906e7dfbd8d6a4e26 (diff)
download	perl-7feb15ec4efe15bcbcc629795cedc8698a59cded.tar.gz