From 6c5f477ca10f3cbf2081b044be4987bb0098afdd Mon Sep 17 00:00:00 2001
From: Etienne Stalmans <estalmans@gmail.com>
Date: Mon, 15 Jul 2019 22:59:56 +0200
Subject: [PATCH] Add a reference to CVE-2019-13139, which was patched in the
 18.09.4 release

---
 engine/release-notes.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/engine/release-notes.md b/engine/release-notes.md
index a8fa10c43f..da7ed44a04 100644
--- a/engine/release-notes.md
+++ b/engine/release-notes.md
@@ -106,7 +106,7 @@ consistency and compatibility reasons.
 
 ### Builder
 
-* Added validation for `git ref` to avoid misinterpretation as a flag. [moby/moby#38944](https://github.com/moby/moby/pull/38944)
+* Fixed [CVE-2019-13139](https://nvd.nist.gov/vuln/detail/CVE-2019-13139) by adding validation for `git ref` to avoid misinterpretation as a flag. [moby/moby#38944](https://github.com/moby/moby/pull/38944)
 
 ### Runtime