add CVE 2010-0009 to CHANGES and NEWS

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@929675 13f79535-47bb-0310-9956-ffa450edef68
author: Jan Lehnardt <jan@apache.org> 2010-03-31 19:29:32 +0000
committer: Jan Lehnardt <jan@apache.org> 2010-03-31 19:29:32 +0000
commit: a355c4f2652bbab2ed3993e4ab1f88588850356c (patch)
tree: f17ada8f3754f641218e395f6b1f69ef1ff8a9d6 /CHANGES
parent: 8b3d9453dfb1c8e81c499281c7151c75ab5b7939 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 291a0f0e..0f8af030 100644
--- a/CHANGES
+++ b/CHANGES
@@ -11,6 +11,7 @@ Version 0.11.0
 
 Security:
 
+ * Fixed CVE-2010-0009: Apache CouchDB Timing Attack Vulnerability.
  * Added default cookie-authentication and users database.
  * Added Futon user interface for user signup and login.
  * Added per-database reader access control lists.
author	Jan Lehnardt <jan@apache.org>	2010-03-31 19:29:32 +0000
committer	Jan Lehnardt <jan@apache.org>	2010-03-31 19:29:32 +0000
commit	a355c4f2652bbab2ed3993e4ab1f88588850356c (patch)
tree	f17ada8f3754f641218e395f6b1f69ef1ff8a9d6 /CHANGES
parent	8b3d9453dfb1c8e81c499281c7151c75ab5b7939 (diff)