doc: releases: v15.2.6 Octopus release notes

author Abhishek Lekshmanan <abhishek@suse.com>

Tue, 17 Nov 2020 19:51:40 +0000 (20:51 +0100)

committer Ilya Dryomov <idryomov@gmail.com>

Tue, 24 Nov 2020 14:43:37 +0000 (15:43 +0100)
author Abhishek Lekshmanan <abhishek@suse.com>
Tue, 17 Nov 2020 19:51:40 +0000 (20:51 +0100)
committer Ilya Dryomov <idryomov@gmail.com>
Tue, 24 Nov 2020 14:43:37 +0000 (15:43 +0100)
diff --git a/doc/releases/octopus.rst b/doc/releases/octopus.rst

index 182acdbcf6fd91163e3c71fe57fe6f0f2b48c25d..1f252aa691e5bbf5e64f44977242cfa405ebe877 100644 (file)
--- a/doc/releases/octopus.rst
+++ b/doc/releases/octopus.rst
@@ -1,3 +1,21 @@
+v15.2.6 Octopus
+===============
+
+This is the 6th backport release in the Octopus series. This release fixes
+a security flaw affecting Messenger v1 & v2. We recommend users to update to
+this release.
+
+Notable Changes
+---------------
+
+* CVE 2020-25660: CEPHX_V2 replay attack protection lost, for Messenger v1 & v2 (Ilya Dryomov)
+
+Changelog
+---------
+
+* mon/MonClient: bring back CEPHX_V2 authorizer challenges (Ilya Dryomov)
+
+
  v15.2.5 Octopus
  ===============
author	Abhishek Lekshmanan <abhishek@suse.com>
	Tue, 17 Nov 2020 19:51:40 +0000 (20:51 +0100)
committer	Ilya Dryomov <idryomov@gmail.com>
	Tue, 24 Nov 2020 14:43:37 +0000 (15:43 +0100)