diff docs/CHANGES @ 5911:ef1bee86328f

update CHANGES
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sat, 29 Dec 2012 17:13:39 +0100
parents 9c7968c832a4
children f2fb4b3ed8e5
line wrap: on
line diff
--- a/docs/CHANGES	Sat Dec 29 15:05:29 2012 +0100
+++ b/docs/CHANGES	Sat Dec 29 17:13:39 2012 +0100
@@ -25,6 +25,7 @@
   HINT: Python >= 2.5 is maybe required! See docs/REQUIREMENTS for details.
 
   Fixes:
+  * fix remote code execution vulnerability in twikidraw/anywikidraw action
   * fix XSS issue, escape page name in rss link
   * escape user- or admin-defined css url
   * make taintfilename more secure