diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
index 8e5559485e33..8e1aee37d868 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@@ -807,6 +807,13 @@
variable limits the amount of memory that can be consumed by IPv4
packet fragments, which defends against some denial of service
attacks.
+
+ A vulnerability in the &man.fts.3; routines (used by
+ applications for recursively traversing a filesystem) could
+ allow a program to operate on files outside the intended directory
+ hierarchy. This bug has been fixed (see security advisory
+ FreeBSD-SA-01:40). &merged;
+
Userland Changes
diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
index 8e5559485e33..8e1aee37d868 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
@@ -807,6 +807,13 @@
variable limits the amount of memory that can be consumed by IPv4
packet fragments, which defends against some denial of service
attacks.
+
+ A vulnerability in the &man.fts.3; routines (used by
+ applications for recursively traversing a filesystem) could
+ allow a program to operate on files outside the intended directory
+ hierarchy. This bug has been fixed (see security advisory
+ FreeBSD-SA-01:40). &merged;
+
Userland Changes
diff --git a/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml
index 8e5559485e33..8e1aee37d868 100644
--- a/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml
@@ -807,6 +807,13 @@
variable limits the amount of memory that can be consumed by IPv4
packet fragments, which defends against some denial of service
attacks.
+
+ A vulnerability in the &man.fts.3; routines (used by
+ applications for recursively traversing a filesystem) could
+ allow a program to operate on files outside the intended directory
+ hierarchy. This bug has been fixed (see security advisory
+ FreeBSD-SA-01:40). &merged;
+
Userland Changes