diff options
author | Florian Bruhin <me@the-compiler.org> | 2021-10-21 18:43:39 +0200 |
---|---|---|
committer | Florian Bruhin <me@the-compiler.org> | 2021-10-21 18:48:46 +0200 |
commit | 1e1aa4e89187bc70f27af18231942608003ae168 (patch) | |
tree | 85cd7c50ab3fb4f78d1437496ba08881110b328c | |
parent | bcd91f3d4a0c2abec3c2742681f71f77643cfd3d (diff) | |
download | qutebrowser-1e1aa4e89187bc70f27af18231942608003ae168.tar.gz qutebrowser-1e1aa4e89187bc70f27af18231942608003ae168.zip |
Update changelog
-rw-r--r-- | doc/changelog.asciidoc | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index c17f35eec..b3f99fb05 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -19,6 +19,14 @@ breaking changes (such as renamed commands) can happen in minor releases. v2.4.0 (unreleased) ------------------- +Security +~~~~~~~~ + +- **CVE-2021-41146**: Fix arbitrary command execution on Windows via URL handler + argument injection. See the + https://github.com/qutebrowser/qutebrowser/security/advisories/GHSA-vw27-fwjf-5qxm[security advisory] + for details. + Added ~~~~~ |