- issue2550864: Potential information leakage via journal/history Original code didn't fully implement the security checks. Users with only Edit access on a property were not able to view the journal entry for the property. This patch fixes that. Also had additional info leakage: the target object of a link or multilink must be viewable or editable in order for the journal entry to be shown. Otherwise the existance of the target is exposed via the journal while it is blocked from searches, direct access etc.

Docs
====

.. toctree::
   :maxdepth: 2

   docs/features
   docs/installation
   docs/upgrading
   docs/FAQ
   docs/user_guide
   docs/customizing
   docs/admin_guide
   docs/xmlrpc
   Design (original) <docs/design>
   docs/developers
   docs/tracker_templates
   docs/acknowledgements
   docs/license