From fe306190bf527d9c29211e4a9a9aff82883b6bbd Mon Sep 17 00:00:00 2001
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 31 Jul 2023 15:54:17 +0200
Subject: [PATCH] NEWS: Mention CVE-2023-3750 and BeeGFS migration support

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
---
 NEWS.rst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/NEWS.rst b/NEWS.rst
index 8f0c67f779..e31448e829 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,13 @@ v9.6.0 (unreleased)
 
 * **Security**
 
+  * ``CVE-2023-3750``: Fix race condition in storage driver leading to a crash
+
+   In **libvirt-8.3** a bug was introduced which in rare cases could cause
+   ``libvirtd`` or ``virtstoraged`` to crash if multiple clients attempted to
+   look up a storage volume by key, path or target path, while other clients
+   attempted to access something from the same storage pool.
+
 * **Removed features**
 
 * **New features**
@@ -38,6 +45,11 @@ v9.6.0 (unreleased)
     Users no longer need to specify guest NUMA node in the domain XML when
     enabling memory hotplug, libvirt automatically adds one when it is missing.
 
+  * qemu: Consider ``BeeGFS`` as a shared filesystem
+
+    Allow migration with non-shared storage for VMs accessing storage via
+    ``BeeGFS``.
+
 * **Bug fixes**
 
   * qemu: Adapt to new way of specifying PC speaker