update %changelog for unresolved CVE-2014-2327
CVE-2014-2327, missing CSRF token, is not yet resolved. It is still
tracked at RHBZ #1082122.
Tony Roman <email@example.com> wrote at
"As for CVE-2014-2327 Cross Site Request Forgery Vulnerability, I'm still
working on a solution. I have some limited time this weekend to work on
this fix. But I will be on the west coast for business this next week
and will have time at night to work on this fix."