From b27338ac9710cfcf69c4c99028f474aae8b28b49 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Wed, 27 Aug 2014 12:16:52 +0300
Subject: Fix #3189

---
 user_guide_src/source/changelog.rst | 1 +
 1 file changed, 1 insertion(+)

(limited to 'user_guide_src')

diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 165ef424f..766cb3172 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -743,6 +743,7 @@ Bug fixes for 3.0
 -  Fixed a bug where ``CI_Xmlrpcs::parseRequest()`` could fail if ``$HTTP_RAW_POST_DATA`` is not populated.
 -  Fixed a bug in :doc:`Zip Library <libraries/zip>` internal method ``_get_mod_time()`` where it was not parsing result returned by ``filemtime()``.
 -  Fixed a bug (#3161) - :doc:`Cache Library <libraries/cache>` methods `increment()`, `decrement()` didn't auto-create non-existent items when using redis and/or file storage.
+-  Fixed a bug (#3189) - :doc:`Parser Library <libraries/parser>` used double replacement on ``key->value`` pairs, exposing a potential template injection vulnerability.
 
 Version 2.2.0
 =============
-- 
cgit v1.2.3-24-g4f1b