* doc/security.rdoc: Add link to CVEs on ruby-lang.org/en/security

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39088 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-02-06 04:03:39 +00:00 · 2013-02-06 04:03:39 +00:00 · fe072cef25
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+Wed Feb  6 13:03:00 2013  Zachary Scott  <zachary@zacharyscott.net>
+
+	* doc/security.rdoc: Add link to CVEs on ruby-lang.org/en/security
+
 Wed Feb  6 12:49:00 2013  Zachary Scott  <zachary@zacharyscott.net>

 	* NEWS: Add note about removal of CSV::load and CSV::dump from r39077
--- a/doc/security.rdoc
+++ b/doc/security.rdoc
@ -6,6 +6,9 @@ pitfalls often encountered by newcomers and experienced Rubyists alike.
 This document aims to discuss many of these pitfalls and provide more secure
 alternatives where applicable.

+Please check the full list of publicly known CVEs and how to correctly report a
+security vulnerability, at: http://www.ruby-lang.org/en/security/
+
 == <code>$SAFE</code>

 Ruby provides a mechanism to restrict what operations can be performed by Ruby