diff options
author | David Mehren | 2021-05-06 20:48:30 +0200 |
---|---|---|
committer | David Mehren | 2021-05-06 21:34:30 +0200 |
commit | 2c12feb127259545c11dcbd0ad3d4aa64cd90a4b (patch) | |
tree | fd643666376d24d886cb50705b07e873daed03ea | |
parent | d9604ce1341b13604f33ede8eb0b6b898f8d85fd (diff) |
Fix 1.8.0 changelog
CVE-2021-29475 has been fixed since
HedgeDoc 1.5.0, instead of 1.6.0
Signed-off-by: David Mehren <git@herrmehren.de>
-rw-r--r-- | public/docs/release-notes.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md index d3173450..38b64d34 100644 --- a/public/docs/release-notes.md +++ b/public/docs/release-notes.md @@ -11,7 +11,7 @@ This release fixes multiple security issues. We recommend upgrading as soon as p This issue allowed an attacker to hang HedgeDoc by inserting a malicious string into a note. Thanks to Ralph Krimmel for reporting! We also published an advisory for [CVE-2021-29475: PDF export allows arbitrary file reads](https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pxxg-px9v-6qf3), -which has already been fixed since HedgeDoc 1.6.0. +which has already been fixed since HedgeDoc 1.5.0. ### Features - Database migrations are now automatically applied on application startup |