From 16ea6830ddc2200aa5b553fe995af9be403f690d Mon Sep 17 00:00:00 2001
From: Bernhard Posselt <dev@bernhard-posselt.com>
Date: Thu, 12 Nov 2015 17:35:13 +0100
Subject: version bump

---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'CHANGELOG.md')

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 40b1b9c07..87f85e5e0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,6 @@
+owncloud-news (6.1.1)
+* **Security**: Update picoFeed to add an [XXE fix for php-fpm](http://framework.zend.com/security/advisory/ZF2015-06) on systems with PHP <5.5.22 or >5.6 and <5.6.6. This issue allows any user with access to the News app to read abitrary files from the server. For more information read up on the [Zend advisory](http://framework.zend.com/security/advisory/ZF2015-06) and the [OWASP page](https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Processing). Affected supported distributions include [Ubuntu 14.04](https://bugs.launchpad.net/ubuntu/trusty/+source/php5/+bug/1509817)
+
 owncloud-news (6.1.0)
 * **Backwards incompatible change**: Removed several web routes and feed service methods by generalizing feed object changes using a patch method
 * **Enhancement**: Update articles if the pubdate is newer than the current one, #877
-- 
cgit v1.2.3