Mercurial > p > roundup > code

diff CHANGES.txt @ 8377:edc69df0efeb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
doc: move XSS fix to top of fix report. Set date/version.
author John Rouillard <rouilj@ieee.org>
date Fri, 11 Jul 2025 22:31:07 -0400
parents abf1297e7a94
children e882a5d52ae5
line wrap: on
line diff
--- a/CHANGES.txt	Fri Jul 11 22:30:21 2025 -0400
+++ b/CHANGES.txt	Fri Jul 11 22:31:07 2025 -0400
@@ -13,10 +13,12 @@
 python 3.6 or newer (3.4/3.5 might work, but they are not tested).
 Roundup 2.4.0 is the last release to support Python 2.
 
-2025-XX-XX 2.5.0beta1
+2025-07-13 2.5.0
 
 Fixed:
 
+- XSS issue in devel and responsive templates. Reported by 4bug of
+  ChaMd5 Security Team H1 Group. (John Rouillard).
 - issue2551343 - Remove support for PySQLite. It is unmaintained
   and sqlite3 is used which is the default for a Python
   distribution.  (John Rouillard)
@@ -98,8 +100,6 @@
   Rouillard)
 - fix potential HTTP Response Splitting issue in
   roundup-server. Discovered by CodeQL in CI. (John Rouillard)
-- XSS issue in devel and responsive templates. Reported by 4bug of
-  ChaMd5 Security Team H1 Group. (John Rouillard).
 
 Features:
Roundup Issue Tracker: http://roundup-tracker.org/