diff options
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b634ca18..3ff9e7e6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # OnionShare Changelog +## 0.4 + +* Fixed critical XSS bug that could deanonymize user + https://micahflee.com/2014/07/security-advisory-upgrade-to-onionshare-0-4-immediately/ +* Added CSP headers in GUI to prevent any future XSS bugs from working +* Hash urandom data before using it, to avoid leaking state of entropy +* Constant time compare the slug to avoid timing attacks +* Cleaned up Tails firewall code + ## 0.3 * Built a simple, featureful cross-platform GUI |