From: Marko Kreen <markokr@gmail.com>
Date: Mon, 9 Nov 2015 13:08:34 +0000 (+0200)
Subject: readme: add links to CVE-s
X-Git-Tag: pgbouncer_1_7~10
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=75d0ecc51e31b28e33d5810055c6909112773b56;p=pgbouncer

readme: add links to CVE-s
---

diff --git a/NEWS.rst b/NEWS.rst
index 7054b3d..7038e8a 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -51,6 +51,8 @@ PgBouncer 1.6.x
     When `auth_user` is set and client asks non-existing username,
     client will log in as `auth_user`.  Not good.
 
+    `CVE-2015-6817 <https://access.redhat.com/security/cve/cve-2015-6817>`_
+
   * Skip NoticeResponce in handle_auth_response.  Otherwise verbose
     log levels on server cause login failures.
 
@@ -212,6 +214,8 @@ PgBouncer 1.5.x
     - by '*' in [databases] section - the database name can come
     from network thus making remote shutdown possible.
 
+    `CVE-2012-4575 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4575>`_
+
 - Minor Features
 
   * max_packet_size - config parameter to tune maximum packet size