From 1da10a02f30176ac8dfc6e2a035c5d753210cbaf Mon Sep 17 00:00:00 2001
From: Nathan Cutler <ncutler@suse.com>
Date: Thu, 7 Feb 2019 10:52:35 +0100
Subject: [PATCH] doc: mention CVEs in luminous v12.2.11 release notes

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
Signed-off-by: Nathan Cutler <ncutler@suse.com>
---
 doc/releases/luminous.rst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/releases/luminous.rst b/doc/releases/luminous.rst
index c2844576483..5c265466b25 100644
--- a/doc/releases/luminous.rst
+++ b/doc/releases/luminous.rst
@@ -23,6 +23,12 @@ Notable Changes
   stale-instances list` and `reshard stale-instances rm` should do the necessary
   cleanup.
 
+* CVE-2018-14662: mon: limit caps allowed to access the config store
+
+* CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts (`issue#35994 <http://tracker.ceph.com/issues/35994>`)
+
+* CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth (`issue#37847 <http://tracker.ceph.com/issues/37847>`)
+
 Changelog
 ---------
 
-- 
2.39.5