From 6a221faa6283ee8773131475ee4794fcf91ee219 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 16 Mar 2018 11:27:50 -0400 Subject: [PATCH] Forgot to add changelog entries for the CVEs --- tomcat.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tomcat.spec b/tomcat.spec index e19394c..7fe827e 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -703,6 +703,8 @@ fi %changelog * Thu Mar 15 2018 Coty Sutherland - 1:8.5.29-1 - Update to 8.5.29 +- Resolves: rhbz#1548290 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unitended exposure of resources +- Resolves: rhbz#1548284 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users * Fri Feb 09 2018 Igor Gnatenko - 1:8.0.49-2 - Escape macros in %%changelog
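Review bot: The added CVE-2018-1304 line in the %changelog hunk misspells "unintended" as "unitended"; since changelog text is what people grep when checking whether a package carries a CVE fix, it is worth correcting before this lands. Both new "Resolves:" lines are also appended to the existing 1:8.5.29-1 entry dated Thu Mar 15 2018, and this hunk shows no release bump, so if that build has already been published the rhbz#1548290 and rhbz#1548284 references will not reach installed systems until the next build. Consider either bumping the release with a new changelog entry or confirming that 8.5.29-1 has not shipped yet. The two entries are long single lines; wrapping the description onto a continuation line would keep `rpm -q --changelog` output readable.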