add CVE-2011-4718

diff --git a/NEWS b/NEWS
index cc469dd4d013a429a6edc677f7422ac78b509b40..948dcdc50db3f6fb167a7363dc87386201fdf35b 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -54,7 +54,7 @@ PHP                                                                        NEWS
 - Sessions:
   . Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions)
     which protects against session fixation attacks and session collisions.    
-    (Yasuo Ohgaki)
+    (CVE-2011-4718). (Yasuo Ohgaki)
   . Fixed possible buffer overflow under Windows. Note: Not a security fix.
     (Yasuo)
   . Changed session.auto_start to PHP_INI_PERDIR. (Yasuo)