diff options
| -rw-r--r-- | doc/changelog.asciidoc | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index fe331fbf4..3ea80be50 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -15,6 +15,26 @@ breaking changes (such as renamed commands) can happen in minor releases. // `Fixed` for any bug fixes. // `Security` to invite users to upgrade in case of vulnerabilities. +v1.3.3 +------ + +Security +~~~~~~~~ + +- An XSS vulnerability on the `qute://history` page allowed websites to inject + HTML into the page via a crafted title tag. This could allow them to steal + your browsing history. If you're currently unable to upgrade, avoid using + `:history`. + +Fixed +~~~~~ + +- Crash in a workaround for a Qt 5.11 bug in rare circumstances. +- Workaround for a Qt bug which preserves searches between page loads. +- In v1.3.2 a dependency on the `PyQt5.QtQuickWidgets` module was accidentally + introduced. Since that module isn't packaged everywhere, it's been removed + again. + v1.3.2 ------ |