diff options
| author | Florian Bruhin <me@the-compiler.org> | 2020-05-02 19:26:11 +0200 |
|---|---|---|
| committer | Florian Bruhin <me@the-compiler.org> | 2020-05-02 19:26:11 +0200 |
| commit | 8c6cab6bc918fe3647b18ce90828d04589109c9b (patch) | |
| tree | d1fb1491d66accaaa552aa55190fe2b975d6a795 | |
| parent | 556fe81b3146e5cd2e77df9d8ce57aebbbd72eac (diff) | |
| download | qutebrowser-8c6cab6bc918fe3647b18ce90828d04589109c9b.tar.gz qutebrowser-8c6cab6bc918fe3647b18ce90828d04589109c9b.zip | |
Update changelog
| -rw-r--r-- | doc/changelog.asciidoc | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index 436bf16f1..3c438f6fc 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -15,6 +15,20 @@ breaking changes (such as renamed commands) can happen in minor releases. // `Fixed` for any bug fixes. // `Security` to invite users to upgrade in case of vulnerabilities. +v1.11.1 (unreleased) +-------------------- + +Security +~~~~~~~~ + +- After a certificate error was overridden by the user, qutebrowser displays + the URL as yellow (`colors.statusbar.url.warn.fg`). However, when the + affected website was subsequently loaded again, the URL was mistakenly + displayed as green (`colors.statusbar.url.success_https`). While the user + already has seen a certificate error prompt at this point (or set + `content.ssl_strict` to `false` which is not recommended), this could still + provide a false sense of security. This is now fixed. + v1.11.0 (2020-04-27) -------------------- |