You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ja...@apache.org on 2013/06/18 16:32:36 UTC
[17/41] git commit: updated refs/heads/1832-fix-empty-attachment-name
to ad774b6
Correcting NEWS and CHANGES discrepancies
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/6302d1bb
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/6302d1bb
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/6302d1bb
Branch: refs/heads/1832-fix-empty-attachment-name
Commit: 6302d1bb75a319613d9e060182e03d99fb4ddce4
Parents: 0960a06
Author: Noah Slater <ns...@apache.org>
Authored: Wed Feb 27 19:46:49 2013 +0000
Committer: Noah Slater <ns...@apache.org>
Committed: Wed Feb 27 19:46:49 2013 +0000
----------------------------------------------------------------------
CHANGES | 39 +++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/6302d1bb/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 496f7b1..bc97b75 100644
--- a/CHANGES
+++ b/CHANGES
@@ -148,6 +148,45 @@ Log System:
* Log correct stacktrace in all cases.
* Improvements to log messages for file-related errors.
+Version 1.1.2
+-------------
+
+Security:
+
+ * Fixed CVE-2012-5641: Apache CouchDB Information disclosure via unescaped
+ backslashes in URLs on Windows
+ * Fixed CVE-2012-5649: Apache CouchDB JSONP arbitrary code execution with
+ Adobe Flash
+ * Fixed CVE-2012-5650: Apache CouchDB DOM based Cross-Site Scripting via Futon
+ UI
+
+HTTP Interface:
+
+ * ETag of attachment changes only when the attachment changes, not
+ the document.
+ * Fix retrieval of headers larger than 4k.
+ * Allow OPTIONS HTTP method for list requests.
+ * Don't attempt to encode invalid json.
+
+Replicator:
+
+ * Fix pull replication of documents with many revisions.
+ * Fix replication from an HTTP source to an HTTP target.
+
+View Server:
+
+ * Avoid invalidating view indexes when running out of file descriptors.
+
+Log System:
+
+ * Improvements to log messages for file-related errors.
+
+Build System:
+
+ * Don't `ln` the `couchjs` install target on Windows
+ * Remove ICU version dependency on Windows.
+ * Improve SpiderMonkey version detection.
+
Version 1.1.1
-------------