diff options
author | Micah Lee <micah@micahflee.com> | 2014-08-20 17:47:07 -0700 |
---|---|---|
committer | Micah Lee <micah@micahflee.com> | 2014-08-20 17:47:07 -0700 |
commit | b946c2f20adc813deec66f62e4fede79356429d2 (patch) | |
tree | 01c30466e933e62b563d7fd9db2272a9a2734edf /CHANGELOG.md | |
parent | 428447690261968af19808c1c887ebd488fd0bd1 (diff) | |
download | onionshare-b946c2f20adc813deec66f62e4fede79356429d2.tar.gz onionshare-b946c2f20adc813deec66f62e4fede79356429d2.zip |
added 0.4 to changelog
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b634ca18..3ff9e7e6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # OnionShare Changelog +## 0.4 + +* Fixed critical XSS bug that could deanonymize user + https://micahflee.com/2014/07/security-advisory-upgrade-to-onionshare-0-4-immediately/ +* Added CSP headers in GUI to prevent any future XSS bugs from working +* Hash urandom data before using it, to avoid leaking state of entropy +* Constant time compare the slug to avoid timing attacks +* Cleaned up Tails firewall code + ## 0.3 * Built a simple, featureful cross-platform GUI |