diff options
| -rw-r--r-- | doc/changelog.asciidoc | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index 436bf16f1..3c438f6fc 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -15,6 +15,20 @@ breaking changes (such as renamed commands) can happen in minor releases. // `Fixed` for any bug fixes. // `Security` to invite users to upgrade in case of vulnerabilities. +v1.11.1 (unreleased) +-------------------- + +Security +~~~~~~~~ + +- After a certificate error was overridden by the user, qutebrowser displays + the URL as yellow (`colors.statusbar.url.warn.fg`). However, when the + affected website was subsequently loaded again, the URL was mistakenly + displayed as green (`colors.statusbar.url.success_https`). While the user + already has seen a certificate error prompt at this point (or set + `content.ssl_strict` to `false` which is not recommended), this could still + provide a false sense of security. This is now fixed. + v1.11.0 (2020-04-27) -------------------- |