From b596365109898a88f0116220c44c0c7400bde2fd Mon Sep 17 00:00:00 2001
From: Tatu Saloranta <tatu.saloranta@iki.fi>
Date: Tue, 28 May 2019 13:36:11 -0700
Subject: [PATCH] update 2.7 release notes wrt #2326 patch

---
 release-notes/VERSION | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/release-notes/VERSION b/release-notes/VERSION
index ba816e02d7..e31ca61824 100644
--- a/release-notes/VERSION
+++ b/release-notes/VERSION
@@ -4,6 +4,11 @@ Project: jackson-databind
 === Releases ===
 ------------------------------------------------------------------------
 
+Not yet released
+
+#2326: Block class for CVE-2019-12086
+ (contributed by MaximilianTews@github)
+
 2.7.9.5 (23-Nov-2018)
 
 #1899: Another two gadgets to exploit default typing issue in jackson-databind