Mercurial > p > roundup > code

diff CHANGES.txt @ 4308:b30bdfae4461

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix security hole allowing user permission escalation (thanks Ralf Schlatterbeck) also update docs and prepare for a release
author Richard Jones <richard@users.sourceforge.net>
date Sun, 20 Dec 2009 23:24:21 +0000
parents 82f7f8708e1b
children 4ce71b5480a8
line wrap: on
line diff
--- a/CHANGES.txt	Fri Dec 18 11:00:34 2009 +0000
+++ b/CHANGES.txt	Sun Dec 20 23:24:21 2009 +0000
@@ -7,6 +7,8 @@
 - Generic class editor may now restore retired items (thanks Ralf Hemmecke)
 
 Fixes:
+- Fix security hole allowing user permission escalation (thanks Ralf
+  Schlatterbeck)
 - More SSL fixes. SSL wants the underlying socket non-blocking. So we
   don't call socket.setdefaulttimeout in case of SSL. This apparently
   never raises a WantReadError from SSL.
Roundup Issue Tracker: http://roundup-tracker.org/