Details
- Bug
- Status: Resolved
- Normal
- Resolution: Fixed
- Correctness
- Normal
- Normal
- User Report
- All
- None
Description
Background
I discovered by accident that the C* 3.11.6 sections are missing from the trunk version of [NEWS.txt|https://github.com/apache/cassandra/blob/trunk/NEWS.txt] and CHANGES.txt. I've posted the missing text below.
NEWS.txt
PLEASE READ: CVE-2017-5929 LOGBACK BEFORE 1.2.0 SERIALIZATION VULNERABILITY
------------------------------------------------------------------
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

Logback has not been upgraded to avoid breaking deployments and customizations based on older versions. If you are using vulnerable components you will need to upgrade to a newer version of Logback or stop using the vulnerable components.
3.11.6
======

Upgrading
---------
- Sstables for tables using a frozen UDT written by C* 3.0 appear as corrupted.

  Background: The serialization-header in the -Statistics.db sstable component contains the type information of the table columns. C* 3.0 writes incorrect type information for frozen UDTs by omitting the "frozen" information. Non-frozen UDTs were introduced by CASSANDRA-7423 in C* 3.6. Since then, the missing "frozen" information leads to deserialization issues that result in CorruptSSTableExceptions, potentially other exceptions as well.

  As a mitigation, the sstable serialization-headers are rewritten to contain the missing "frozen" information for UDTs once, when an upgrade from C* 3.0 is detected. This migration does not touch snapshots or backups.

  The sstablescrub tool now performs a check of the sstable serialization-header against the schema. A mismatch of the types in the serialization-header and the schema will cause sstablescrub to error out and stop by default. See the new `-e` option. `-e off` disables the new validation code. `-e fix` or `-e fix-only`, e.g. `sstablescrub -e fix keyspace table`, will validate the serialization-header, rewrite the non-frozen UDTs in the serialization-header to frozen UDTs, if that matches the schema, and continue with scrub. See `sstablescrub -h`. (CASSANDRA-15035)
- repair_session_max_tree_depth setting has been added to cassandra.yaml to allow operators to reduce merkle tree size if repair is creating too much heap pressure. See CASSANDRA-14096 for details.
- Nothing specific to this release, but please see previous upgrading sections, especially if you are upgrading from 3.0.
CHANGES.txt
3.11.6
 * Fix bad UDT sstable metadata serialization headers written by C* 3.0 on upgrade and in sstablescrub (CASSANDRA-15035)
 * Fix nodetool compactionstats showing extra pending task for TWCS - patch implemented (CASSANDRA-15409)
 * Fix SELECT JSON formatting for the "duration" type (CASSANDRA-15075)
 * Fix LegacyLayout to have same behavior as 2.x when handling unknown column names (CASSANDRA-15081)
 * Update nodetool help stop output (CASSANDRA-15401)
Merged from 3.0:
 * Run in-jvm upgrade dtests in circleci (CASSANDRA-15506)
 * Include updates to static column in mutation size calculations (CASSANDRA-15293)
 * Fix point-in-time recovery ignoring timestamp of updates to static columns (CASSANDRA-15292)
 * GC logs are also put under $CASSANDRA_LOG_DIR (CASSANDRA-14306)
 * Fix sstabledump's position key value when partitions have multiple rows (CASSANDRA-14721)
 * Avoid over-scanning data directories in LogFile.verify() (CASSANDRA-15364)
 * Bump generations and document changes to system_distributed and system_traces in 3.0, 3.11 (CASSANDRA-15441)
 * Fix system_traces creation timestamp; optimise system keyspace upgrades (CASSANDRA-15398)
 * Fix various data directory prefix matching issues (CASSANDRA-13974)
 * Minimize clustering values in metadata collector (CASSANDRA-15400)
 * Avoid over-trimming of results in mixed mode clusters (CASSANDRA-15405)
 * validate value sizes in LegacyLayout (CASSANDRA-15373)
 * Ensure that tracing doesn't break connections in 3.x/4.0 mixed mode by default (CASSANDRA-15385)
 * Make sure index summary redistribution does not start when compactions are paused (CASSANDRA-15265)
 * Ensure legacy rows have primary key livenessinfo when they contain illegal cells (CASSANDRA-15365)
 * Fix race condition when setting bootstrap flags (CASSANDRA-14878)
Merged from 2.2:
 * Fix SELECT JSON output for empty blobs (CASSANDRA-15435)
 * In-JVM DTest: Set correct internode message version for upgrade test (CASSANDRA-15371)
 * In-JVM DTest: Support NodeTool in dtest (CASSANDRA-15429)
 * Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)
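A check an operator could run against the Logback note in the NEWS.txt text above, as an added example that is not part of the ticket or of the Cassandra project's code. The jar names and logback.xml are constructed samples, and identifying Logback by jar file name and components by `class` attribute is an assumption about how the deployment is laid out.

```python
import re
import xml.etree.ElementTree as ET

FIXED = (1, 2, 0)  # the note says Logback before 1.2.0 is affected
# Component names taken from the note, matched as substrings of a class name.
AFFECTED = ("ServerSocketReceiver", "SocketServer")
JAR_RE = re.compile(r"^logback-(?:core|classic|access)-(\d+(?:\.\d+)*)[^/]*\.jar$")

# Constructed samples: a lib/ listing and a logback.xml that declares a receiver.
SAMPLE_JARS = ["guava-18.0.jar", "logback-classic-1.1.3.jar", "logback-core-1.1.3.jar"]
SAMPLE_XML = """<configuration>
  <receiver class="ch.qos.logback.classic.net.server.ServerSocketReceiver">
    <port>6000</port>
  </receiver>
  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"/>
</configuration>"""

def jar_version(name):
    """Version tuple encoded in a logback jar file name, or None if not logback."""
    m = JAR_RE.match(name)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def old_logback_jars(jar_names):
    """Jar names whose version sorts before 1.2.0 (short versions are zero-padded)."""
    old = []
    for name in jar_names:
        v = jar_version(name)
        if v is not None and (v + (0, 0, 0))[:3] < FIXED:
            old.append(name)
    return old

def affected_components(logback_xml):
    """Class names declared in the config that match an affected component.
    Only what the file declares is seen; a server started separately is not."""
    root = ET.fromstring(logback_xml)
    return [el.get("class") for el in root.iter()
            if any(a in el.get("class", "") for a in AFFECTED)]

def assess(jar_names, logback_xml):
    """Action is needed only when an old jar AND an affected component coexist."""
    old, comps = old_logback_jars(jar_names), affected_components(logback_xml)
    return {"old_jars": old, "components": comps, "action_needed": bool(old and comps)}

if __name__ == "__main__":
    print(assess(SAMPLE_JARS, SAMPLE_XML))
```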