diff options
| -rw-r--r-- | phpBB/docs/CHANGELOG.html | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 0e6814d394..844254bf22 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -107,6 +107,7 @@ <li>[Change] Performance increase for get_username_string() (Bug #37545 - Patch by BartVB)</li> <li>[Change] Slight performance increase for common parameter calls to append_sid() (Bug #37555 - Patch by BartVB)</li> <li>[Feature] Added 'AGO' setting to relative date strings. For example: posted 14 minutes ago. (Patch by BartVB)</li> + <li>[Sec] Fixed an issue where deactivated accounts could be re-activated without the required privileges.(Thanks Jorick)</li> </ul> <a name="v302"></a><h3>1.ii. Changes since 3.0.2</h3> @@ -192,6 +193,7 @@ <li>[Change] MCP topic view checkboxes now default to unchecked.</li> <li>[Change] Adjust language key <em>SPLIT_AFTER</em> to make the action clearer.</li> <li>[Change] Add links to the post and forum when viewing a report from the MCP. (Bugs #33795, #33805)</li> + <li>[Change] Added CSRF protection to GET-only actions like marking forums.</li> <li>[Change] Remove NUL-Bytes directly in request_var() for strings and within the custom DBAL sql_escape() functions (MSSQL, Firebird, Oracle) (reported by AdhostMikeSw)</li> <li>[Feature] Allow limited inheritance for template sets.</li> |