From 70c7df8faa5a9023a2773dc5a38932f1ad3a84aa Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 17 Oct 2013 04:17:32 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 CHANGELOG |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 2b7e5c7..bdc5c5a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)
 - Fix iframe onload for upload errors handling (#1489379)
 - Fix address matching in Return-Path header on identity selection (#1489374)
 - Fix HTML part detection when encapsulated inside multipart/signed (#1489372)

--
Gitblit v1.9.1