From a77af99a66dc05fc7f3baacb27e4d997cc1cd036 Mon Sep 17 00:00:00 2001
From: zzak <zzak@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 6 Feb 2013 03:49:59 +0000
Subject: [PATCH] * NEWS: Add note about removal of CSV::load and CSV::dump
 from r39077

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39087 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 4 ++++
 NEWS      | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 68f42bd1b8..3ca4e25a48 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Wed Feb  6 12:49:00 2013  Zachary Scott  <zachary@zacharyscott.net>
+
+	* NEWS: Add note about removal of CSV::load and CSV::dump from r39077
+
 Wed Feb  6 05:57:00 2013  Zachary Scott  <zachary@zacharyscott.net>
 
 	* lib/racc/parser.rb: Hide copyright notice from Racc doc
diff --git a/NEWS b/NEWS
index 25c578f4a9..45097b4611 100644
--- a/NEWS
+++ b/NEWS
@@ -210,6 +210,10 @@ with all sufficient information, see the ChangeLog file.
   * When HTML5 tagmaker called, overwrite CGI#header,
     CGI#header function is to create a <header> element.
 
+* CSV
+  * Removed CSV::dump and CSV::load to protect users from dangerous
+    serialization vulnerability
+
 * iconv
   * Iconv has been removed. Use String#encode instead.