summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormatty%chariot.net.au <>2002-06-08 08:39:35 +0200
committermatty%chariot.net.au <>2002-06-08 08:39:35 +0200
commit58a015c7371684ee84483c4e3da5e597f6c86e75 (patch)
treea0b3fbeeab80dc1813737dcbcea23f38fc0aca89
parentacd62bd9d18593c3953eb1633877bedc3741f8ce (diff)
downloadbugzilla-58a015c7371684ee84483c4e3da5e597f6c86e75.tar.gz
bugzilla-58a015c7371684ee84483c4e3da5e597f6c86e75.tar.xz
Release notes updates.
-rw-r--r--docs/rel_notes.txt10
1 files changed, 6 insertions, 4 deletions
diff --git a/docs/rel_notes.txt b/docs/rel_notes.txt
index 9d84e6818..366673f97 100644
--- a/docs/rel_notes.txt
+++ b/docs/rel_notes.txt
@@ -143,10 +143,6 @@ fix the problem on your installation.
*** SECURITY ISSUES RESOLVED ***
-- The bug list sort order could take arbitrary SQL. There
- are no known exploits for this problem.
- (bug 130821)
-
- The bug reporter could set the priority even when
'letsubmitterchoosepriority' was off.
(bug 63018)
@@ -401,6 +397,12 @@ fix the problem on your installation.
corrupted.
(bug 92263)
+- The bug list sort order is now stricter about the SQL it will accept,
+ ensuring you use correct column name syntax. Before this, there were
+ some syntax checks, so it is not known whether this problem was
+ exploitable.
+ (bug 130821)
+
********************************************
*** USERS UPGRADING FROM 2.14 OR EARLIER ***
********************************************