changelog tweaks v0.99.3.1 release-v0.99.3.1

author: Richard van der Hoff <richard@matrix.org> 2019-05-03 16:09:34 +0100
committer: Richard van der Hoff <richard@matrix.org> 2019-05-03 16:09:34 +0100
commit: f73f18fe7baba7e6f442e308112eeba91e4b8a61 (patch)
tree: c7bcc52b91e78126eeaefb9fcafde804e026881b /CHANGES.md
parent: 0.99.3.1 (diff)
download: synapse-f73f18fe7baba7e6f442e308112eeba91e4b8a61.tar.xz
1 files changed, 4 insertions, 2 deletions
diff --git a/CHANGES.md b/CHANGES.md
index d8eba2ec60..4b84e20823 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,8 +1,10 @@
 Synapse 0.99.3.1 (2019-05-03)
 =============================
 
-Bugfixes
---------
+Security update
+---------------
+
+This release includes two security fixes:
 
 - Switch to using a cryptographically-secure random number generator for token strings, ensuring they cannot be predicted by an attacker. Thanks to @opnsec for identifying and responsibly disclosing this issue! ([\#5133](https://github.com/matrix-org/synapse/issues/5133))
 - Blacklist 0.0.0.0 and :: by default for URL previews. Thanks to @opnsec for identifying and responsibly disclosing this issue too! ([\#5134](https://github.com/matrix-org/synapse/issues/5134))
author	Richard van der Hoff <richard@matrix.org>	2019-05-03 16:09:34 +0100
committer	Richard van der Hoff <richard@matrix.org>	2019-05-03 16:09:34 +0100
commit	f73f18fe7baba7e6f442e308112eeba91e4b8a61 (patch)
tree	c7bcc52b91e78126eeaefb9fcafde804e026881b /CHANGES.md
parent	0.99.3.1 (diff)
download	synapse-f73f18fe7baba7e6f442e308112eeba91e4b8a61.tar.xz