aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHarald Eilertsen <haraldei@anduin.net>2022-03-25 22:14:39 +0100
committerHarald Eilertsen <haraldei@anduin.net>2022-03-25 22:14:39 +0100
commit2ab3d072b0ed7d9a7adb43bb5a3d56b0d90ec619 (patch)
tree7656c363ff2c04ad5a10574ca482b16f438bb368
parent03973f5d1d25b54f0b81ccbeb08b18b745b80b22 (diff)
downloadvolse-hubzilla-2ab3d072b0ed7d9a7adb43bb5a3d56b0d90ec619.tar.gz
volse-hubzilla-2ab3d072b0ed7d9a7adb43bb5a3d56b0d90ec619.tar.bz2
volse-hubzilla-2ab3d072b0ed7d9a7adb43bb5a3d56b0d90ec619.zip
Update changelog with missing fix and cve
-rw-r--r--CHANGELOG5
1 files changed, 3 insertions, 2 deletions
diff --git a/CHANGELOG b/CHANGELOG
index f04d0f639..91558b83b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -28,8 +28,9 @@ Hubzilla 7.2 (2022-??-??)
Bugfixes
- Fix comments_closed date on posts where comments are disabled
- - Fix open redirect via rpath query param
- - Fix local file inclusion in redbasic theme
+ - Fix open redirect via rpath query param (CVE-2022-27256)
+ - Fix cross-site scripting via rpath query param (CVE-2022-27258)
+ - Fix local file inclusion in redbasic theme (CVE-2022-27257)
- Fix baseurl for css and js
- Fix duplicate IDs in login form
- Fix unknown author not fetched if w2w comment arrives