updated the 11_0 release documents with latest known issues

Signed-off-by: Florent Poinsard <florent.poinsard@outlook.fr>

doc/releasenotes/11_0_0_release_notes.md

@@ -1,5 +1,14 @@
 This release complies with VEP-3 which removes the upgrade order requirement. Components can be upgraded in any order. It is recommended that the upgrade order should still be followed if possible, except to canary test the new version of VTGate before upgrading the rest of the components.
 
+## Known Issues
+
+- A critical vulnerability [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) in the Apache Log4j logging library was disclosed on Dec 9.
+  The project provided release `2.15.0` with a patch that mitigates the impact of this CVE. It was quickly found that the initial patch was insufficient, and an additional CVE
+  [CVE-2021-45046](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046) followed.
+  This has been fixed in release `2.16.0`. This release, `v11.0.0`, uses a version of Log4j below `2.16.0`, for this reason, we encourage you to use `v11.0.3` instead, which contains the patch for the vulnerability.
+
+- An issue related to `-keep_data` being ignored in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.
+
 ## Bug fixes 
 ### Build/CI
  * update moby/term to fix darwin build issue #7787

doc/releasenotes/11_0_1_release_notes.md

@@ -1,3 +1,13 @@
+## Known Issues
+
+- A critical vulnerability [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) in the Apache Log4j logging library was disclosed on Dec 9.
+  The project provided release `2.15.0` with a patch that mitigates the impact of this CVE. It was quickly found that the initial patch was insufficient, and an additional CVE
+  [CVE-2021-45046](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046) followed.
+  This has been fixed in release `2.16.0`. This release, `v11.0.1`, uses a version of Log4j below `2.16.0`, for this reason, we encourage you to use `v11.0.3` instead, which contains the patch for the vulnerability.
+
+- An issue related to `-keep_data` being ignored in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.
+
+
 ## Bug fixes
  ### Cluster management
   * Port #8422 to 11.0 branch #8744

doc/releasenotes/11_0_2_release_notes.md

@@ -3,6 +3,15 @@
 
 This patch is providing an update regarding the Apache Log4j security vulnerability (CVE-2021-44228) (#9364), along with a few bug fixes.
 
+## Known Issues
+
+- A critical vulnerability [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) in the Apache Log4j logging library was disclosed on Dec 9.
+  The project provided release `2.15.0` with a patch that mitigates the impact of this CVE. It was quickly found that the initial patch was insufficient, and an additional CVE
+  [CVE-2021-45046](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046) followed.
+  This has been fixed in release `2.16.0`. This release, `v11.0.2`, uses a version of Log4j below `2.16.0`, for this reason, we encourage you to use `v11.0.3` instead, which contains the patch for the vulnerability.
+
+- An issue related to `-keep_data` being ignored in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.
+
 ------------
 ## Changelog
 

doc/releasenotes/11_0_2_summary.md

@@ -1,3 +1,12 @@
 ## Major Changes
 
-This patch is providing an update regarding the Apache Log4j security vulnerability (CVE-2021-44228) (#9364), along with a few bug fixes.
+This patch is providing an update regarding the Apache Log4j security vulnerability (CVE-2021-44228) (#9364), along with a few bug fixes.
+
+## Known Issues
+
+- A critical vulnerability [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) in the Apache Log4j logging library was disclosed on Dec 9.
+  The project provided release `2.15.0` with a patch that mitigates the impact of this CVE. It was quickly found that the initial patch was insufficient, and an additional CVE
+  [CVE-2021-45046](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046) followed.
+  This has been fixed in release `2.16.0`. This release, `v11.0.2`, uses a version of Log4j below `2.16.0`, for this reason, we encourage you to use `v11.0.3` instead, which contains the patch for the vulnerability.
+
+- An issue related to `-keep_data` being ignored in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.

doc/releasenotes/11_0_3_release_notes.md

@@ -3,7 +3,11 @@
 
 This patch is providing an update regarding the Apache Log4j security vulnerability (CVE-2021-45046) (#9395).
 
- ------------
+## Known Issues
+
+- An issue related to `-keep_data` being ignored in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.
+
+------------
 ## Changelog
 
 ### Dependabot

doc/releasenotes/11_0_3_summary.md

@@ -1,3 +1,7 @@
 ## Major Changes
 
 This patch is providing an update regarding the Apache Log4j security vulnerability (CVE-2021-45046) (#9395).
+
+## Known Issues
+
+- An issue related to `-keep_data` being ignored in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.