diff --git a/docs/news.xml b/docs/news.xml
index 23bd831563..06ab3c0cef 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -42,7 +42,60 @@
+
+
+
+ cpu: Introduce support for the md-clear CPUID bit
+
+
+ This bit is set when microcode provides the mechanism to invoke a
+ flush of various exploitable CPU buffers by invoking the x86
+ VERW instruction. CVE-2018-12126, CVE-2018-12127,
+ CVE-2018-12130, CVE-2019-11091.
+
+
+
+
+ Restrict user access to virt-admin, virtlogd and virtlockd
+
+
+ The intended users for these facilities are the root
+ user and the libvirtd service respectively, but these
+ restrictions were not enforced correctly. CVE-2019-10132.
+
+
+
+
+
+ test driver: Expand API coverage
+
+
+ Several APIs that were missing from the test driver have now been
+ implemented.
+
+
+
+
+ Avoid unnecessary static linking
+
+
+ Most binaries shipped as part of libvirt, for example
+ virtlogd and libvirt_iohelper, were
+ embedding parts of the library even though they also linked against
+ the libvirt.so dynamic library. This is no longer the
+ case, which results in both the disk and memory footprint being
+ reduced.
+
+
+
+
+ qemu: Report stat-htlb-pgalloc and stat-htlb-pgfail balloon stats
+
+
+ These stats have been introduced in QEMU 3.0.
+
+
@@ -58,6 +111,11 @@
scheduler for the main thread is set after QEMU starts.
+
+
+ apparmor: Allow hotplug of vhost-scsi devices
+
+