This is an automated email from the ASF dual-hosted git repository.
brondsem pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
The following commit(s) were added to refs/heads/master by this push:
new 28c9b6ffd publicize security fix in changelog
28c9b6ffd is described below
commit 28c9b6ffd13b10c56b9358df17e6aae401db53c6
Author: Dave Brondsema <[email protected]>
AuthorDate: Fri Jun 21 13:41:56 2024 -0400
publicize security fix in changelog
---
CHANGES | 3 +++
1 file changed, 3 insertions(+)
diff --git a/CHANGES b/CHANGES
index ee412b729..83471a400 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@ Upgrade Instructions
If using docker, rebuild the allura image and restart containers.
+Security Fix
+ * [#8563] CVE 2024-38379 authenticated XSS possible for neighborhood admins
+
Breaking Changes
* [#8556] remove has_access(..)() syntax. Custom extensions using this
syntax will need to remove the second ()
