Update #652 release note with CVE ID CVE-2025-49128

cowtowncoder · cowtowncoder · commit c8784bf314c0 · 2025-06-06T13:44:35.000-07:00
diff --git a/release-notes/VERSION-2.x b/release-notes/VERSION-2.x
@@ -39,7 +39,7 @@ No changes since 2.13.3
 2.13.0 (30-Sep-2021)
 
 #652: Misleading exception for input source when processing byte buffer
-  with start offset
+  with start offset [CVE-2025-49128]
  (reported by Greg W)
 #658: Escape contents of source document snippet for `JsonLocation._appendSourceDesc()`
 #664: Add `StreamWriteException` type to eventually replace `JsonGenerationException`
