diff options
author | Dirkjan Ochtman <dirkjan@ochtman.nl> | 2014-04-15 09:13:19 +0200 |
---|---|---|
committer | Dirkjan Ochtman <dirkjan@ochtman.nl> | 2014-04-15 09:13:19 +0200 |
commit | cd5220ff68856f8e17835595c1f91b0c58214310 (patch) | |
tree | 9862aa15396e8a41d381e2c53f60dc83d6d5ff7e | |
parent | 81d753a03ee5a2b744273726d02fea5e1d2289b5 (diff) | |
download | couchdb-cd5220ff68856f8e17835595c1f91b0c58214310.tar.gz |
Update 1.6.0 notes with proper CVE-2014-2668 note
-rw-r--r-- | share/doc/src/whatsnew/1.6.rst | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/share/doc/src/whatsnew/1.6.rst b/share/doc/src/whatsnew/1.6.rst index 8ddbea1a7..d99bb0b41 100644 --- a/share/doc/src/whatsnew/1.6.rst +++ b/share/doc/src/whatsnew/1.6.rst @@ -33,9 +33,6 @@ as deprecated and will be removed in future releases. It's strongly recommended to update :config:option:`httpd/authentication_handlers` option with new value in case if you had used such handler. -Note that this release also contains the security fix for CVE-2014-2668 that -was first fixed in :ref:`release/1.5.1`. - .. _release/1.6.0: Version 1.6.0 @@ -44,6 +41,9 @@ Version 1.6.0 * Fauxton: many improvements in our experimental new user interface, including switching the code editor from CodeMirror to Ace as well as better support for various browsers. +* Add the ``max_count`` option (:ref:`config/uuids`) to allow rate-limiting + the amount of UUIDs that can be requested from the :ref:`api/server/uuids` + handler in a single request (:ref:`CVE 2014-2668 <cve/2014-2668>`). * :issue:`1986`: increase socket buffer size to improve replication speed for large documents and attachments, and fix tests on BSD-like systems. :commit:`9a0e561b` |