Bug 996164: Release notes for Bugzilla 4.4.3

r=dkl a=justdave

1 files changed, 27 insertions, 0 deletions

diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl
index 226ba1457..f1b7622c6 100644
--- a/template/en/default/pages/release-notes.html.tmpl
+++ b/template/en/default/pages/release-notes.html.tmpl
@@ -45,6 +45,33 @@
 
 <h2 id="v44_point">Updates in this 4.4.x Release</h2>
 
+<h3>4.4.3</h3>
+
+<p>This release fixes two security issues. See the
+  <a href="http://www.bugzilla.org/security/4.0.11/">Security Advisory</a>
+  for details.</p>
+
+<p>In addition, the following important fixes/changes have been made in this release:</p>
+
+<ul>
+  <li>The <kbd>User.login</kbd> WebService method now also returns a
+    <kbd>token</kbd> argument containing a login token which you can use in
+    subsequent calls to authenticate. For security reasons, this method
+    no longer generates login cookies.
+    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=893195">[% terms.Bug %] 893195</a>)</li>
+  <li>The <kbd>User.get</kbd> WebService method now correctly takes the
+    <kbd>maxusermatches</kbd> parameter into account when the <kbd>match</kbd>
+    argument is passed. Previously, it was returning all matching accounts.
+    To further limit the number of accounts returned by <kbd>User.get</kbd>,
+    you can now pass the <kbd>limit</kbd> argument.
+    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=962060">[% terms.Bug %] 962060</a>)</li>
+  <li>The sudo cookie is no longer accessible from JavaScript.
+    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=966676">[% terms.Bug %] 966676</a>)</li>
+  <li>Large dependency trees with lots of resolved [% terms.bugs %] now load
+    much faster.
+    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=961789">[% terms.Bug %] 961789</a>)</li>
+</ul>
+
 <h3>4.4.2</h3>
 
 <p>The following [% terms.bugs %] have been fixed in this release:</p>