You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by ja...@apache.org on 2013/06/18 16:32:41 UTC

[22/41] git commit: updated refs/heads/1832-fix-empty-attachment-name to ad774b6

Correcting NEWS and CHANGES discrepancies


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/cba68896
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/cba68896
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/cba68896

Branch: refs/heads/1832-fix-empty-attachment-name
Commit: cba68896560c10cc4efda5dfa3537644f9eda23c
Parents: fab8154
Author: Noah Slater <ns...@apache.org>
Authored: Wed Feb 27 19:54:23 2013 +0000
Committer: Noah Slater <ns...@apache.org>
Committed: Wed Feb 27 19:54:23 2013 +0000

----------------------------------------------------------------------
 CHANGES | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/cba68896/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 8de7a9c..a1b18d5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -462,6 +462,11 @@ View Server:
 Version 0.11.2
 --------------
 
+Security:
+
+ * Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack
+ * Avoid potential DOS attack by guarding all creation of atoms.
+
 Replicator:
 
  * Fix bug when pushing design docs by non-admins, which was hanging the
@@ -477,10 +482,6 @@ Authentication:
 
  * User documents can now be deleted by admins or the user.
 
-Security:
-
- * Avoid potential DOS attack by guarding all creation of atoms.
-
 Futon:
 
  * Add some Futon files that were missing from the Makefile.
@@ -659,6 +660,21 @@ Build and System Integration:
  * Gavin McDonald setup a build-bot instance. More info can be found at
    http://ci.apache.org/buildbot.html
 
+Version 0.10.2
+--------------
+
+Security:
+
+ * Fixed CVE-2010-0009: Apache CouchDB Timing Attack Vulnerability
+
+Replicator:
+
+ * Avoid leaking file descriptors on automatic replication restarts.
+
+Build and System Integration:
+
+ * Fixed distribution preparation for building on Mac OS X.
+
 Version 0.10.1
 --------------