From 60e6b7e64d7e9f750478b124c9e00718023861f7 Mon Sep 17 00:00:00 2001 From: Mauricio Harley Date: Fri, 3 Mar 2023 14:24:35 +0100 Subject: [PATCH] Release notes for secret consumers, microversions and CVE fix Change-Id: Iaea5b454ad7a594eeac2b346fc2c713271c80a61 --- .../fix-story-2010258-053ee02fe46b9984.yaml | 6 +++++ ...icroversions-changes-5aacdad5b7c776a3.yaml | 25 +++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 releasenotes/notes/fix-story-2010258-053ee02fe46b9984.yaml create mode 100644 releasenotes/notes/secret-consumers-microversions-changes-5aacdad5b7c776a3.yaml diff --git a/releasenotes/notes/fix-story-2010258-053ee02fe46b9984.yaml b/releasenotes/notes/fix-story-2010258-053ee02fe46b9984.yaml new file mode 100644 index 000000000..2537889d6 --- /dev/null +++ b/releasenotes/notes/fix-story-2010258-053ee02fe46b9984.yaml @@ -0,0 +1,6 @@ +--- +security: + - | + Fixed Story #2010258: Fixes a security vulnerability where the + contents of a request query string were mistakenly being used + in the RBAC policy engine. diff --git a/releasenotes/notes/secret-consumers-microversions-changes-5aacdad5b7c776a3.yaml b/releasenotes/notes/secret-consumers-microversions-changes-5aacdad5b7c776a3.yaml new file mode 100644 index 000000000..6d7f4fcbc --- /dev/null +++ b/releasenotes/notes/secret-consumers-microversions-changes-5aacdad5b7c776a3.yaml 
@@ -0,0 +1,25 @@ +--- +prelude: > + This version adds support to the secret consumers and microversions + functionalities. The detailed secret consumers specification can + be found on . + + Microversions allow clients to interact with Barbican server to gather + information on minimum and maximum versions supported by the server. + More information can be found on . +features: + - | + The secret consumers functionality allows other OpenStack projects, + such as Cinder and Glance, to name a few, to register consumers + of secrets. This is useful when a project wants to make an end + user aware that it is using the secret. + + Secret consumers do not block the secret to be deleted by the end + user though. When an end user needs to delete a secret that has + consumers, it can simply do it. However, deletion of secrets with + consumers must be forced using a corresponding parameter, either + in the client's CLI or in the client's API. + + Microversions enable clients to do a server supported version + discovery, allowing old clients (not supporting the feature) to + interact with newer servers. \ No newline at end of file
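Review bot: In releasenotes/notes/fix-story-2010258-053ee02fe46b9984.yaml, the security entry does not tell an operator what the exposure was or what to do about it. It says only that query string contents "were mistakenly being used in the RBAC policy engine". The commit subject calls this a CVE fix, yet the note carries no CVE identifier, so it cannot be matched against an advisory. Suggest adding the CVE id, a sentence on the effect on policy decisions, and a line stating which releases need the upgrade. The opening "Fixed Story #2010258: Fixes a ..." also repeats itself and can be reduced to one verb.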
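Review bot: In releasenotes/notes/secret-consumers-microversions-changes-5aacdad5b7c776a3.yaml, both prelude sentences that point to further reading end in "can be found on ." with no link target, so the secret consumers specification and the microversions reference are not reachable from the rendered note. Please add the URLs. In the features entry, the second paragraph says an end user "can simply do it" and then that deletion "must be forced using a corresponding parameter"; reword so the two statements agree, and name the parameter for the CLI and the API, since this controls whether a secret still in use by another service can be removed. Secret consumers and microversions are separate features and would read better as two list items. The file also lacks a trailing newline.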