X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=ChangeLog;h=070071e40488329baa633f47328413b0c3f1d377;hp=9c9b99bc5c395860eb474071a00b2926ba4249c0;hb=7e2ff8448ac2f801e4ffc43c1149c94a8a760800;hpb=210b5bb5d7f46c4c5c4bda8d567bef2f3bbef400

diff --git a/ChangeLog b/ChangeLog
index 9c9b99bc..070071e4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -159,6 +159,10 @@ Version 1.5.2 - CVS
   - Add support for SpamAssassin's X-Spam-Status header (#1589520).
   - Added plugin on/off switch, which completely disables all plugins
     (optionally for one named user, otherwise for all users).
+  - Security: close cross site scripting vulnerability in draft, compose
+    and mailto functionality [CVE-2006-6142].
+  - Security: work around an issue in Internet Explorer that would guess
+    the mime type of a file based on contents, not Content-Type header.
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------