From 2ab3d072b0ed7d9a7adb43bb5a3d56b0d90ec619 Mon Sep 17 00:00:00 2001
From: Harald Eilertsen <haraldei@anduin.net>
Date: Fri, 25 Mar 2022 22:14:39 +0100
Subject: Update changelog with missing fix and cve

---
 CHANGELOG | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'CHANGELOG')

diff --git a/CHANGELOG b/CHANGELOG
index f04d0f639..91558b83b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -28,8 +28,9 @@ Hubzilla 7.2 (2022-??-??)
 
 	Bugfixes
 	- Fix comments_closed date on posts where comments are disabled
-	- Fix open redirect via rpath query param
-	- Fix local file inclusion in redbasic theme
+	- Fix open redirect via rpath query param (CVE-2022-27256)
+	- Fix cross-site scripting via rpath query param (CVE-2022-27258)
+	- Fix local file inclusion in redbasic theme (CVE-2022-27257)
 	- Fix baseurl for css and js
 	- Fix duplicate IDs in login form
 	- Fix unknown author not fetched if w2w comment arrives
-- 
cgit v1.2.3