From 9bf2a8a84a186c4d5520d1111eb88595021cdf5b Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Sat, 28 Aug 2010 11:36:43 +0000
Subject: [PATCH] 	* new-features.sgml (ov-new1.7.7): Document change to
 avoid DLL 	hijacking.

---
 winsup/doc/ChangeLog         | 5 +++++
 winsup/doc/new-features.sgml | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/winsup/doc/ChangeLog b/winsup/doc/ChangeLog
index a1982377a..3e231b5e4 100644
--- a/winsup/doc/ChangeLog
+++ b/winsup/doc/ChangeLog
@@ -1,3 +1,8 @@
+2010-08-28  Corinna Vinschen  <corinna@vinschen.de>
+
+	* new-features.sgml (ov-new1.7.7): Document change to avoid DLL
+	hijacking.
+
 2010-08-27  Corinna Vinschen  <corinna@vinschen.de>
 
 	* new-features.sgml (ov-new1.7.7): Change to describe partial
diff --git a/winsup/doc/new-features.sgml b/winsup/doc/new-features.sgml
index bc6caaa80..e459d5ffa 100644
--- a/winsup/doc/new-features.sgml
+++ b/winsup/doc/new-features.sgml
@@ -12,6 +12,11 @@ the Cygwin CWD is not usable as Win32 CWD.  See the reworked
 <xref linkend="pathnames-win32-api"></xref> for details.
 </para></listitem>
 
+<listitem><para>
+Make sure to follow the Microsoft security advisory concerning DLL hijacking.
+See the <ulink url="http://www.microsoft.com/technet/security/advisory/2269637.mspx">Microsoft Security Advisory (2269637) "Insecure Library Loading Could Allow Remote Code Execution"</ulink> for details.
+</para></listitem>
+
 </itemizedlist>
 
 </sect2>