- Security: Possible cookie theft in src/redirect.php if

[squirrelmail.git] / ChangeLog

diff --git a/ChangeLog b/ChangeLog
index f8825386f462f77d749ffe6b615acd6a34090eb5..3b18f2336c0c4e9d78add4b71892a210a606a7b7 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,9 @@ Version 1.5.2 - CVS
   - Fixed View as HTML link so it doesn't forget it was part of a seach result.
   - Don't use delimiter in IMAP subscription command, when noselect folder is
     created.
+  - Security: Possible cookie theft in src/redirect.php if 
+    register_globals is enabled, and malicous site is running
+    in same domain.
   
        
 Version 1.5.1 (branched on 2006-02-12)