You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ja...@apache.org on 2013/06/18 16:32:50 UTC
[31/41] git commit: updated refs/heads/1832-fix-empty-attachment-name
to ad774b6
Added CVE-2010-2234 to NEWS and CHANGES
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/fd9b66db
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/fd9b66db
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/fd9b66db
Branch: refs/heads/1832-fix-empty-attachment-name
Commit: fd9b66dbc29764a1f255ff88cd3ce574bf532e3e
Parents: 242ea0b
Author: Noah Slater <ns...@apache.org>
Authored: Wed Feb 27 22:06:26 2013 +0000
Committer: Noah Slater <ns...@apache.org>
Committed: Wed Feb 27 22:06:42 2013 +0000
----------------------------------------------------------------------
CHANGES | 4 ++++
NEWS | 1 +
2 files changed, 5 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/fd9b66db/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 12aa177..154481b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -413,6 +413,10 @@ View Server:
Version 1.0.1
-------------
+Security:
+
+ * Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack
+
Storage System:
* Fix data corruption bug COUCHDB-844. Please see
http://git-wip-us.apache.org/repos/asf/couchdb/blob/fd9b66db/NEWS
----------------------------------------------------------------------
diff --git a/NEWS b/NEWS
index 2a3558c..912dd75 100644
--- a/NEWS
+++ b/NEWS
@@ -207,6 +207,7 @@ Version 1.0.2
Version 1.0.1
-------------
+ * Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack
* Fix data corruption bug COUCHDB-844. Please see
http://couchdb.apache.org/notice/1.0.1.html for details.
* Added support for replication via an HTTP/HTTPS proxy.