Add CVE number to release notes for fixed issue
Change-Id: If645677779f75d235aaedb744fb7a20040ff9fd2
diff --git a/pages/site/releases/2.14.md b/pages/site/releases/2.14.md
index ec1d333..cc6c6cb 100644
--- a/pages/site/releases/2.14.md
+++ b/pages/site/releases/2.14.md
@@ -354,7 +354,8 @@
* Security Fixes
- * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514):
+ * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
diff --git a/pages/site/releases/2.15.md b/pages/site/releases/2.15.md
index a43ae4e..445edfe 100644
--- a/pages/site/releases/2.15.md
+++ b/pages/site/releases/2.15.md
@@ -449,7 +449,8 @@
* Security Fixes
- * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621):
+ * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
@@ -471,7 +472,8 @@
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
- * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514):
+ * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
diff --git a/pages/site/releases/2.16.md b/pages/site/releases/2.16.md
index 886eed0..a5dddab 100644
--- a/pages/site/releases/2.16.md
+++ b/pages/site/releases/2.16.md
@@ -642,7 +642,8 @@
* Security Fixes
- * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621):
+ * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
@@ -664,7 +665,8 @@
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
- * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514):
+ * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
diff --git a/pages/site/releases/3.0.md b/pages/site/releases/3.0.md
index e5f6a8f..53d8cd7 100644
--- a/pages/site/releases/3.0.md
+++ b/pages/site/releases/3.0.md
@@ -218,7 +218,8 @@
* Security Fixes
- * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621):
+ * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
@@ -240,7 +241,8 @@
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
- * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514):
+ * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
diff --git a/pages/site/releases/3.1.md b/pages/site/releases/3.1.md
index 97fa715..fa4cbc1 100644
--- a/pages/site/releases/3.1.md
+++ b/pages/site/releases/3.1.md
@@ -325,7 +325,8 @@
* Security Fixes
- * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621):
+ * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
@@ -347,7 +348,8 @@
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
- * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514):
+ * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
diff --git a/pages/site/releases/3.2.md b/pages/site/releases/3.2.md
index bfdba06..e998595 100644
--- a/pages/site/releases/3.2.md
+++ b/pages/site/releases/3.2.md
@@ -613,7 +613,8 @@
* Security Fixes
- * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621):
+ * [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
@@ -635,7 +636,8 @@
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
- * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514):
+ * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
+ [CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
