From 789f20eba860b769d7153afab42a70fe50688185 Mon Sep 17 00:00:00 2001
From: Peter Simons <simons@cryp.to>
Date: Mon, 1 Jun 2015 15:20:18 +0200
Subject: [PATCH] nixos release notes: document new services.openssh.moduliFile
 option

---
 nixos/doc/manual/release-notes/rl-unstable.xml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/nixos/doc/manual/release-notes/rl-unstable.xml b/nixos/doc/manual/release-notes/rl-unstable.xml
index a7ba1cb1ff5..cf67014a69d 100644
--- a/nixos/doc/manual/release-notes/rl-unstable.xml
+++ b/nixos/doc/manual/release-notes/rl-unstable.xml
@@ -21,6 +21,17 @@
         below, in the list of backwards-incompatible changes.
       </para>
     </listitem>
+
+    <listitem>
+      <para>
+        Users running an SSH server who worry about the quality of their
+        <literal>/etc/ssh/moduli</literal> file with respect to the <link
+        xlink:href="https://stribika.github.io/2015/01/04/secure-secure-shell.html">vulnerabilities
+        discovered in the Diffie-Hellman key exchange</link> can now replace OpenSSH's
+        default version with one they generated themselves using the new
+        <literal>services.openssh.moduliFile</literal> option.
+      </para>
+    </listitem>
   </itemizedlist>
 
 </para>