From f9a9122f78d145084b3f2dc2cd982f2ed3cbd199 Mon Sep 17 00:00:00 2001
From: Tatu Saloranta <tatu.saloranta@iki.fi>
Date: Sun, 26 Apr 2020 10:09:34 -0700
Subject: [PATCH] Yet more 2.8 release note updates

---
 release-notes/VERSION | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/release-notes/VERSION b/release-notes/VERSION
index 52c6410282..5f8a75b4ee 100644
--- a/release-notes/VERSION
+++ b/release-notes/VERSION
@@ -61,9 +61,9 @@ Project: jackson-databind
 #1872: `NullPointerException` in `SubTypeValidator.validateSubType` when
   validating Spring interface
  (reported by Rob W)
-#1899: Another two gadgets to exploit default typing issue in jackson-databind
+#1899: Another two gadgets to exploit default typing issue (CVE-2018-5968)
  (reported by OneSourceCat@github)
-#1931: Two more `c3p0` gadgets to exploit default typing issue
+#1931: Two more `c3p0` gadgets to exploit default typing issue (c3p0, CVE-2018-7489)
 
 2.8.11 (24-Dec-2017)