summaryrefslogtreecommitdiffstats
path: root/user_guide_src
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2016-10-22 15:46:10 +0200
committerAndrey Andreev <narf@devilix.net>2016-10-22 15:46:10 +0200
commit038ae9a085e1970ea26eeaf566cfae31c2802a90 (patch)
treebfd4e34cea286ccf8673ce11b2cd7cc3920ce6b4 /user_guide_src
parent6c6ee1a1e73b3f8a93ca031107bec35e56272a0a (diff)
parenteea02de557834006c5d6a0bfccca7f39e75bf3a8 (diff)
Merge branch 'security/entity_decode' into 3.1-stable
Diffstat (limited to 'user_guide_src')
-rw-r--r--user_guide_src/source/changelog.rst4
1 files changed, 4 insertions, 0 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index d025d52f1..1e59d4ca2 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -7,6 +7,10 @@ Version 3.1.1
Release Date: Not Released
+- **Security**
+
+ - Fixed a flaw in :doc:`Security Library <libraries/security>` method ``entity_decode()`` (used by ``xss_clean()``) that affects HTML 5 entities when using PHP 5.3.
+
- General Changes
- Added ``E_PARSE`` to the list of error levels detected by the shutdown handler.