From 70c7df8faa5a9023a2773dc5a38932f1ad3a84aa Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 17 Oct 2013 10:17:32 +0200
Subject: Fix vulnerability in handling _session argument of utils/save-prefs
 (#1489382)

---
 CHANGELOG | 1 +
 1 file changed, 1 insertion(+)

(limited to 'CHANGELOG')

diff --git a/CHANGELOG b/CHANGELOG
index 2b7e5c777..bdc5c5a1f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)
 - Fix iframe onload for upload errors handling (#1489379)
 - Fix address matching in Return-Path header on identity selection (#1489374)
 - Fix HTML part detection when encapsulated inside multipart/signed (#1489372)
-- 
cgit v1.2.3