diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
index 2d7f5081c980..c690ff8e5ca2 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@@ -1430,6 +1430,16 @@ options HZ=1000 # not compulsory but strongly recommended
closed. Note that the default value of this setting is
UseLogin no. (See security advisory
FreeBSD-SA-01:63.) &merged;
+
+ The use of an insecure temporary directory by
+ &man.pkg.add.1; could permit a local attacker to modify the
+ contents of binary packages while they were being installed.
+ This hole has been closed. (See security advisory
+ FreeBSD-SA-02:01.) &merged;
+
+ A race condition in &man.pw.8;, which could expose the
+ contents of /etc/master.passwd, has been
+ eliminated. (See security advisory FreeBSD-SA-02:02.) &merged;
Userland Changes
diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
index 2d7f5081c980..c690ff8e5ca2 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
@@ -1430,6 +1430,16 @@ options HZ=1000 # not compulsory but strongly recommended
closed. Note that the default value of this setting is
UseLogin no. (See security advisory
FreeBSD-SA-01:63.) &merged;
+
+ The use of an insecure temporary directory by
+ &man.pkg.add.1; could permit a local attacker to modify the
+ contents of binary packages while they were being installed.
+ This hole has been closed. (See security advisory
+ FreeBSD-SA-02:01.) &merged;
+
+ A race condition in &man.pw.8;, which could expose the
+ contents of /etc/master.passwd, has been
+ eliminated. (See security advisory FreeBSD-SA-02:02.) &merged;
Userland Changes