changeset 5539:1cc5dee5ecae

update docs/CHANGES
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sat, 13 Feb 2010 20:09:26 +0100
parents 7252009186c0
children 31f52a5e4024
files docs/CHANGES
diffstat 1 files changed, 5 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/docs/CHANGES	Sat Feb 13 18:58:06 2010 +0100
+++ b/docs/CHANGES	Sat Feb 13 20:09:26 2010 +0100
@@ -19,10 +19,11 @@
 
 Version 1.8.7:
   Fixes:
-  * Fixed major security issues in misc. actions.
+  * Fixed major security issues in miscellaneous parts of moin.
     HINT: if you have removed superuser configuration to workaround the issue
     (following our security advisory), you may re-add it after installing this
-    moin release.
+    moin release. If you don't need superuser capabilities often, it might be
+    wise to not have superusers configured all the time, though.
   * Improved package security: cfg.packagepages_actions_excluded excludes
     unsafe or otherwise questionable package actions by default now.
   * wiki parser: fixed transclusion of (e.g. video) attachments from other
@@ -32,8 +33,8 @@
     * Process attachname in get/putAttachment similarly.
     * revertPage: convert pagename to internal representation.
   * Fixed config.umask usage for page packages.
-  * Fixed usage of i18n.wikiLanguages() on class level (moved to method), failed
-    when tools import the module (e.g. pydoc -k foo).
+  * Fixed usage of i18n.wikiLanguages() on class level (moved to method),
+    failed when tools import the module (e.g. pydoc -k foo).
   * SubProcess: fixed win32-specific parts, fixed imports (fixes calling of
     external xapian index filters)