From 5c2d695993080f294c54353954254aa44c6da12c Mon Sep 17 00:00:00 2001
From: John Hawthorn <john@hawthorn.email>
Date: Fri, 22 Mar 2019 13:13:01 -0700
Subject: Update CHANGELOGs for 6.0.0.beta3 release

---
 railties/CHANGELOG.md | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'railties')

diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md
index 226b949b34..754f11212c 100644
--- a/railties/CHANGELOG.md
+++ b/railties/CHANGELOG.md
@@ -4,7 +4,17 @@
 
 ## Rails 6.0.0.beta3 (March 11, 2019) ##
 
-*   No changes.
+*   Generate random development secrets
+
+    A random development secret is now generated to tmp/development_secret.txt
+
+    This avoids an issue where development mode servers were vulnerable to
+    remote code execution.
+
+    Fixes CVE-2019-5420
+
+    *Eileen M. Uchitelle*, *Aaron Patterson*, *John Hawthorn*
+
 
 
 ## Rails 6.0.0.beta2 (February 25, 2019) ##
-- 
cgit v1.2.3