NEWS: mention CVE-2007-2027

2024-12-04 14:46:47 -05:00 · 2007-05-06 10:19:38 +03:00 · 2007-05-06 10:19:38 +03:00 · 156f9722b2
commit 156f9722b2
parent 652a4bf663
1 changed files with 2 additions and 0 deletions
--- a/2
+++ b/2
@ -11,6 +11,8 @@ ELinks 0.11.3.GIT now:
 To be released as 0.11.4.

 * critical bug 945: don't crash if a Lua script calls e.g. error(nil)
+* CVE-2007-2027: check if the program path contains "src/" before
+  using ../po files
 * important Debian bug 380347: prevent a buffer overflow in entity_cache
  and a possible subsequent crash
 * bug 691: don't look up bogus IPv4 addresses based on characters of a