From: kink Date: Tue, 26 Jul 2011 20:28:11 +0000 (+0000) Subject: document cve id's for posterity X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=fc704be3e479516aa41f385bb992ff5e8d4be745;p=squirrelmail.git document cve id's for posterity git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14138 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- diff --git a/doc/ChangeLog b/doc/ChangeLog index 06cf9065..e6c11131 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -364,7 +364,8 @@ Version 1.5.2 - SVN for bringing this to our attention). [CVE-2010-4554] - Fixed XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and added anti-CSRF protection to the empty trash feature (thanks - to Nicholas Carlini for finding all these issues). [CVE-2010-4555] + to Nicholas Carlini for finding all these issues). + [CVE-2011-2752, CVE-2011-2753, CVE-2010-4555] - Fixed XSS problem with unsanitized style tags in messages. [CVE-2011-2023] Version 1.5.1 (branched on 2006-02-12)