add CVE for session fixation - CVE-2011-4718

ChangeLog-5.php

@@ -53,7 +53,7 @@ function peclbugl($number)   { echo "<a href=\"http://pecl.php.net/bugs/bug.php?
 </ul></li>
 <li>Sessions:
 <ul>
-  <li>Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions) which protects against session fixation attacks and session collisions.</li>
+  <li>Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions) which protects against session fixation attacks and session collisions (CVE-2011-4718).</li>
   <li>Fixed possible buffer overflow under Windows. Note: Not a security fix.</li>
   <li>Changed session.auto_start to PHP_INI_PERDIR.</li>
 </ul></li>

archive/entries/2013-08-16-1.xml

@@ -11,7 +11,7 @@
   <content type="xhtml">
     <div xmlns="http://www.w3.org/1999/xhtml">
      <p>The PHP development team announces the immediate availability of PHP
-     5.5.2. About 20 bugs were fixed, including security issue in OpenSSL module (CVE-2013-4248).
+     5.5.2. About 20 bugs were fixed, including security issue in OpenSSL module (CVE-2013-4248) and session fixation problem (CVE-2011-4718).
      All users of PHP are encouraged to upgrade to this release.</p>
      
      <p>For source downloads of PHP 5.5.2 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,

releases/5_5_2.php

@@ -8,7 +8,7 @@ site_header("PHP 5.5.2 Release Announcement");
 <h1>PHP 5.5.2 Release Announcement</h1>
 
 <p>The PHP development team announces the immediate availability of PHP
-5.5.2. About 20 bugs were fixed, including security issue in OpenSSL module (CVE-2013-4248).
+5.5.2. About 20 bugs were fixed, including security issue in OpenSSL module (CVE-2013-4248) and session fixation problem (CVE-2011-4718).
 All users of PHP are encouraged to upgrade to this release.</p>
 
 <p>For source downloads of PHP 5.5.2 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,