list cve's that are fixed by the deregister globals code

author kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Sun, 16 Jul 2006 18:06:55 +0000 (18:06 +0000)

committer kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Sun, 16 Jul 2006 18:06:55 +0000 (18:06 +0000)
author kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sun, 16 Jul 2006 18:06:55 +0000 (18:06 +0000)
committer kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sun, 16 Jul 2006 18:06:55 +0000 (18:06 +0000)
diff --git a/ChangeLog b/ChangeLog

index 3cfd2f1b8f8be17061981d8f44108b34fdb386ba..ca8688eeaf7c1663d7d980639317b51660543e75 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -596,7 +596,7 @@ Version 1.5.1 (branched on 2006-02-12)
    - Add doc/security.txt with some hints for a more secure installation.
    - Added sqauth_read_password() and sqauth_save_password() functions.
    - Unset global GET, POST and COOKIE variables registered in PHP
-    register_globals=on setups.
+    register_globals=on setups. (Also addresses: CVE-2006-2842, CVE-2006-3174)
    - Capabilities array now contains all multivalue information provided
      by the IMAP server. (Such as THREAD=SORT, THREAD=REFERENCES).
    - Inclusion of Compatibility plugin automatic (no patch needed for plugin)
author	kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Sun, 16 Jul 2006 18:06:55 +0000 (18:06 +0000)
committer	kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Sun, 16 Jul 2006 18:06:55 +0000 (18:06 +0000)