docs: 5.0.1 security fix

elastic · Nov 15, 2016 · c02d2d1 · c02d2d1
1 parent 80880a7
commit c02d2d1
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 0 deletions.
diff --git a/docs/index.asciidoc b/docs/index.asciidoc
@@ -14,6 +14,8 @@ release-state can be: released | prerelease | unreleased
 :xpack-ref:      https://www.elastic.co/guide/en/x-pack/current/
 :issue:          https://github.com/elastic/kibana/issues/
 :pull:           https://github.com/elastic/kibana/pull/
+:commit:         https://github.com/elastic/kibana/commit/
+:security:       https://www.elastic.co/community/security/
 
 
 include::introduction.asciidoc[]

diff --git a/docs/release-notes/5.0.1.asciidoc b/docs/release-notes/5.0.1.asciidoc
@@ -3,6 +3,15 @@
 
 Also see <<breaking-changes-5.0>>.
 
+[float]
+[[security-5.0.1]]
+=== Security fixes
+An Open Redirect vulnerability has been fixed with the short URL feature.
+Previously, a malicious user could use the internal API that powers the short
+URL feature to create a short URL in kibana that redirected to a different
+domain. +
+{security}ESA-2016-08[ESA-2016-08] ({commit}92ae3ae[92ae3ae])
+
 [float]
 [[bug-5.0.1]]
 === Bug fixes