This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git
The following commit(s) were added to refs/heads/master by this push: new 28c9b6ffd publicize security fix in changelog 28c9b6ffd is described below commit 28c9b6ffd13b10c56b9358df17e6aae401db53c6 Author: Dave Brondsema <dbronds...@slashdotmedia.com> AuthorDate: Fri Jun 21 13:41:56 2024 -0400 publicize security fix in changelog --- CHANGES | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGES b/CHANGES index ee412b729..83471a400 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Upgrade Instructions If using docker, rebuild the allura image and restart containers. +Security Fix + * [#8563] CVE 2024-38379 authenticated XSS possible for neighborhood admins + Breaking Changes * [#8556] remove has_access(..)() syntax. Custom extensions using this syntax will need to remove the second ()