Updated Branches: refs/heads/0.11.x c48914837 -> a89ee51f2 refs/heads/1.2.x 15619b5f0 -> 1b02bf40c
Tidied up security items in NEWS and CHANGES on 0.11.x branch Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/a89ee51f Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/a89ee51f Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/a89ee51f Branch: refs/heads/0.11.x Commit: a89ee51f208559146e721fc90bcf1c109f11d1b4 Parents: c489148 Author: Noah Slater <[email protected]> Authored: Mon Feb 25 20:08:44 2013 +0000 Committer: Noah Slater <[email protected]> Committed: Mon Feb 25 20:08:44 2013 +0000 ---------------------------------------------------------------------- CHANGES | 9 +++++---- NEWS | 4 ++-- 2 files changed, 7 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/a89ee51f/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index 34ef0ca..6e634b9 100644 --- a/CHANGES +++ b/CHANGES @@ -15,6 +15,11 @@ Storage System: Version 0.11.2 -------------- +Security: + + * Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack + * Avoid potential DOS attack by guarding all creation of atoms. + Replicator: * Fix bug when pushing design docs by non-admins, which was hanging the @@ -29,10 +34,6 @@ HTTP Interface: Authentication: * User documents can now be deleted by admins or the user. - -Security: - - * Avoid potential DOS attack by guarding all creation of atoms. Futon: http://git-wip-us.apache.org/repos/asf/couchdb/blob/a89ee51f/NEWS ---------------------------------------------------------------------- diff --git a/NEWS b/NEWS index 81f72ac..3ff28c7 100644 --- a/NEWS +++ b/NEWS @@ -18,12 +18,12 @@ Note: This version has not been released yet. Version 0.11.2 -------------- + * Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack + * Avoid potential DOS attack by guarding all creation of atoms. * Replicator buxfixes for replicating design documents from secured databases. * Better error messages on invalid URL requests. * User documents can now be deleted by admins or the user. - * Avoid potential DOS attack by guarding all creation of atoms. * Some Futon and JavaScript library bugfixes. - * Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack Version 0.11.1 --------------
