068065e update %changelog for unresolved CVE-2014-2327

Authored and Committed by ktdreyer 9 years ago
1 file changed. 0 lines added. 1 lines removed.
    update %changelog for unresolved CVE-2014-2327
    
    CVE-2014-2327, missing CSRF token, is not yet resolved. It is still
    tracked at RHBZ #1082122.
    
    Tony Roman <troman@cacti.net> wrote at
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768:
    
      "As for CVE-2014-2327 Cross Site Request Forgery Vulnerability, I'm still
      working on a solution.  I have some limited time this weekend to work on
      this fix.  But I will be on the west coast for business this next week
      and will have time at night to work on this fix."
    
        
file modified
+0 -1