diff --git a/doc/src/sgml/release-12.sgml b/doc/src/sgml/release-12.sgml
index 79548ed83c5..cadbbfd3de3 100644
--- a/doc/src/sgml/release-12.sgml
+++ b/doc/src/sgml/release-12.sgml
@@ -37,6 +37,30 @@
     <listitem>
 <!--
 Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
+Branch: master [b048f558d] 2020-02-10 11:47:09 -0300
+Branch: REL_12_STABLE [2ad125322] 2020-02-10 11:47:09 -0300
+Branch: REL_11_STABLE [bdd19e48a] 2020-02-10 11:47:09 -0300
+Branch: REL_10_STABLE [ac1a998ed] 2020-02-10 11:47:09 -0300
+Branch: REL9_6_STABLE [e8b8eb937] 2020-02-10 12:06:25 -0300
+-->
+     <para>
+      Add missing permissions checks for <command>ALTER ... DEPENDS ON
+      EXTENSION</command> (&Aacute;lvaro Herrera)
+     </para>
+
+     <para>
+      Marking an object as dependent on an extension did not have any
+      privilege check whatsoever.  This oversight allowed any user to mark
+      routines, triggers, materialized views, or indexes as droppable by
+      anyone able to drop an extension.  Require that the calling user own
+      the specified object (and hence have privilege to drop it).
+      (CVE-2020-1720)
+     </para>
+    </listitem>
+
+    <listitem>
+<!--
+Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
 Branch: master [9710d3d4a] 2020-02-07 17:09:36 -0300
 Branch: REL_12_STABLE [ce054a8cd] 2020-02-07 17:09:36 -0300
 -->
@@ -1201,6 +1225,24 @@ Branch: REL9_4_STABLE [56c06999d] 2019-11-13 11:35:37 -0500
 
     <listitem>
 <!--
+Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
+Branch: master [8fa8e0115] 2020-02-10 12:14:58 -0300
+Branch: REL_12_STABLE [87d014da9] 2020-02-10 12:14:58 -0300
+Branch: REL_11_STABLE [ca902add6] 2020-02-10 12:14:58 -0300
+Branch: REL_10_STABLE [163161723] 2020-02-10 12:14:58 -0300
+Branch: REL9_6_STABLE [5575fc208] 2020-02-10 12:14:58 -0300
+Branch: REL9_5_STABLE [1b2ae4bcd] 2020-02-10 12:16:40 -0300
+Branch: REL9_4_STABLE [6f1e443a6] 2020-02-10 12:14:58 -0300
+-->
+     <para>
+      Apply more thorough syntax checking
+      to <application>createuser</application>'s
+      <option>--connection-limit</option> option (&Aacute;lvaro Herrera)
+     </para>
+    </listitem>
+
+    <listitem>
+<!--
 Author: Tom Lane <tgl@sss.pgh.pa.us>
 Branch: master [4ba4bfaf2] 2019-12-26 15:19:39 -0500
 Branch: REL_12_STABLE [883c27a1c] 2019-12-26 15:19:39 -0500