Add links to the fixes.

author: Patrick Cloke <patrickc@matrix.org> 2020-07-02 10:45:22 -0400
committer: Patrick Cloke <patrickc@matrix.org> 2020-07-02 10:45:22 -0400
commit: 5ae0a4cf76d40973d22de421e13c6ee88b0afcd4 (patch)
tree: 1711f5a63703152beb79cc8c5627a4aa98bb3631 /CHANGES.md
parent: Fix tense in the release notes. (diff)
download: synapse-5ae0a4cf76d40973d22de421e13c6ee88b0afcd4.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/CHANGES.md b/CHANGES.md
index 8b773fae18..251991f789 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -10,10 +10,10 @@ Security advisory
 
 * A malicious homeserver could force Synapse to reset the state in a room to a
   small subset of the correct state. This affects all Synapse deployments which
-  federate with untrusted servers.
+  federate with untrusted servers. ([96e9afe6](https://github.com/matrix-org/synapse/commit/96e9afe62500310977dc3cbc99a8d16d3d2fa15c))
 * HTML pages served via Synapse were vulnerable to clickjacking attacks. This
   predominantly affects homeservers with single-sign-on enabled, but all server
-  administrators are encouraged to upgrade.
+  administrators are encouraged to upgrade.  ([ea26e9a9](https://github.com/matrix-org/synapse/commit/ea26e9a98b0541fc886a1cb826a38352b7599dbe))
 
   This was reported by [Quentin Gliech](https://sandhose.fr/).
author	Patrick Cloke <patrickc@matrix.org>	2020-07-02 10:45:22 -0400
committer	Patrick Cloke <patrickc@matrix.org>	2020-07-02 10:45:22 -0400
commit	5ae0a4cf76d40973d22de421e13c6ee88b0afcd4 (patch)
tree	1711f5a63703152beb79cc8c5627a4aa98bb3631 /CHANGES.md
parent	Fix tense in the release notes. (diff)
download	synapse-5ae0a4cf76d40973d22de421e13c6ee88b0afcd4.tar.xz