Add 1.29.1 release nodes

author Alex Crichton <alex@alexcrichton.com>

Tue, 25 Sep 2018 17:48:07 +0000 (10:48 -0700)

committer Alex Crichton <alex@alexcrichton.com>

Tue, 25 Sep 2018 17:48:55 +0000 (10:48 -0700)
author Alex Crichton <alex@alexcrichton.com>
Tue, 25 Sep 2018 17:48:07 +0000 (10:48 -0700)
committer Alex Crichton <alex@alexcrichton.com>
Tue, 25 Sep 2018 17:48:55 +0000 (10:48 -0700)
diff --git a/RELEASES.md b/RELEASES.md

index 819c9184364fdd773bd8b59432e7e2ebdc0c1685..08470e731d8e7390f89d8479f0d9a363089268ad 100644 (file)
--- a/RELEASES.md
+++ b/RELEASES.md
@@ -1,3 +1,16 @@
+Version 1.29.1 (2018-09-25)
+===========================
+
+Security Notes
+--------------
+
+- The standard library's `str::repeat` function contained an out of bounds write
+  caused by an integer overflow. This has been fixed by deterministically
+  panicking when an overflow happens.
+
+  Thank you to Scott McMurray for responsibily disclosing this vulnerability to
+  us.
+
  Version 1.29.0 (2018-09-13)
  ==========================
author	Alex Crichton <alex@alexcrichton.com>
	Tue, 25 Sep 2018 17:48:07 +0000 (10:48 -0700)
committer	Alex Crichton <alex@alexcrichton.com>
	Tue, 25 Sep 2018 17:48:55 +0000 (10:48 -0700)