From e13ae0aec58413293bb7368436c8eb3c2f760f88 Mon Sep 17 00:00:00 2001 From: muxator Date: Fri, 4 May 2018 23:24:58 +0200 Subject: [PATCH] changelog: better specified CVE description Previous commit was wrong. Fixes #3372, really. --- CHANGELOG.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9dd333fe..7de4b605 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,9 +6,9 @@ * FIX: unbreak Safari iOS line wrapping # 1.6.4 - * SECURITY: exploitable /admin access - CVE-2018-9845 - * SECURITY: DoS with pad exports and arbitrary code execution - CVE-2018-9327 - * SECURITY: Remote Code Execution - CVE-2018-9326 + * SECURITY: Access Control bypass on /admin - CVE-2018-9845 + * SECURITY: Remote Code Execution through pad export - CVE-2018-9327 + * SECURITY: Remote Code Execution through JSONP handling - CVE-2018-9326 * SECURITY: Pad data leak - CVE-2018-9325 * Fix: Admin redirect URL * Fix: Various script Fixes