From c002ac807479f296c0409dd7f4a6e665cb2c7bfa Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Mon, 11 Feb 2019 13:29:42 +0100 Subject: [PATCH] Update NEWS for release --- NEWS | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/NEWS b/NEWS index f155c007..82234cd8 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,14 @@ +Changes in 1.2.3 +================ + +The CVE-2019-5736 runc vulnerability is about using /proc/self/exe +to modify the host side binary from the sandbox. This mostly does not +affect flatpak since the flatpak sandbox is not run with root permissions. +However, there is one case (running the apply_extra script for system +installs) where this happens, so this release contains a fix for that. + + * Don't expose /proc in apply_extra script sandbox. + Changes in 1.2.2 ================
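Review bot: In the new 1.2.3 paragraph, "where this happens" has an ambiguous antecedent: it can be read as "the sandbox is run with root permissions" or as "the host side binary gets modified". This is the sentence an administrator reads to decide whether a system install is exposed, so state it directly, for example "However, the apply_extra script for system installs does run in a sandbox with root permissions, so this release contains a fix for that." The entry also does not say which earlier releases are affected. The bullet "Don't expose /proc in apply_extra script sandbox" carries no CVE id, so a reader skimming only the bullet list will not recognise it as a security fix; consider appending "(CVE-2019-5736)" to the bullet.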