summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLauri Ojansivu <x@xet7.org>2018-05-26 07:33:32 +0300
committerLauri Ojansivu <x@xet7.org>2018-05-26 07:33:32 +0300
commit7eeabf14be3c63fae2226e561ef8a0c1390c8d3c (patch)
tree958a1c99724fcde4567f70c42c3426200ac15f7e
parent4b2010213907c61b0e0482ab55abb06f6a668eac (diff)
downloadwekan-7eeabf14be3c63fae2226e561ef8a0c1390c8d3c.tar.gz
wekan-7eeabf14be3c63fae2226e561ef8a0c1390c8d3c.tar.bz2
wekan-7eeabf14be3c63fae2226e561ef8a0c1390c8d3c.zip
Remove binary version of bcrypt because of security vulnerability.
This may cause some slowdown.
-rw-r--r--CHANGELOG.md8
1 files changed, 8 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6698a16a..a9955ac0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+# Upcoming Wekan release
+
+* [Remove binary version of bcrypt](https://github.com/wekan/wekan/commit/4b2010213907c61b0e0482ab55abb06f6a668eac)
+ because of [vulnerability that is not fixed yet](https://github.com/kelektiv/node.bcrypt.js/issues/604) that
+ [is not fixed yet](https://github.com/kelektiv/node.bcrypt.js/pull/606).
+
+Thanks to GitHub user xet7 for contributions.
+
# v1.01 2018-05-23 Wekan release
This release possibly fixes the following bugs, please test: