added notice about CVE-2010-2234

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@986368 13f79535-47bb-0310-9956-ffa450edef68
author: Noah Slater <nslater@apache.org> 2010-08-17 15:58:27 +0000
committer: Noah Slater <nslater@apache.org> 2010-08-17 15:58:27 +0000
commit: f6f3e8005052a362aa1d0beab7d2c065dabcf1c4 (patch)
tree: 566d706e310a87b8c69873f449dfba64c1be6c95
parent: f6861b3f4ed38f4504f6b15fd3429cec9f7cb1c6 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 3c39579b..4d64e807 100644
--- a/NEWS
+++ b/NEWS
@@ -43,6 +43,7 @@ Version 0.11.2
   * User documents can now be deleted by admins or the user.
   * Avoid potential DOS attack by guarding all creation of atoms.
   * Some Futon and JavaScript library bugfixes.
+  * Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack
 
 Version 0.11.1
 --------------
author	Noah Slater <nslater@apache.org>	2010-08-17 15:58:27 +0000
committer	Noah Slater <nslater@apache.org>	2010-08-17 15:58:27 +0000
commit	f6f3e8005052a362aa1d0beab7d2c065dabcf1c4 (patch)
tree	566d706e310a87b8c69873f449dfba64c1be6c95
parent	f6861b3f4ed38f4504f6b15fd3429cec9f7cb1c6 (diff)