From f05065b0111adaa311ab909c29c1b93bd34451fc Mon Sep 17 00:00:00 2001
From: Mark Sapiro <mark@msapiro.net>
Date: Mon, 4 Feb 2008 17:47:24 -0800
Subject: The 2.1.10 security enhancements have been assigned a new CVE. 
 Updated NEWS accordingly.

---
 NEWS | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 68b2d0af..1a11b661 100644
--- a/NEWS
+++ b/NEWS
@@ -8,11 +8,11 @@ Here is a history of user visible changes to Mailman.
 
   Security
 
-    - The 2.1.9 fixes for CVE-2006-3636 have been enhanced.  In particular,
-      many potential cross-site scripting attacks have are now detected in
+    - The 2.1.9 fixes for CVE-2006-3636 were not complete.  In particular,
+      some potential cross-site scripting attacks were not detected in
       editing templates and updating the list's info attribute via the web
-      admin interface.  Thanks again to Moritz Naumann for assistance with
-      this.
+      admin interface.  This has been assigned CVE-2008-0564 and has been
+      fixed.  Thanks again to Moritz Naumann for assistance with this.
 
   New Features
 
-- 
cgit v1.2.3