X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=ChangeLog;h=c7d89a59a82e46b555040cbede5f51f92ac2b14a;hb=c26bc91d76e11f9d6d1457b43b82404029f9a054;hp=27be3e948cabf11b7ccb7cc21935f3aa4dcd0afa;hpb=2545e7bdf1845332e3a17791dac1cad853e1aee3;p=privoxy.git

diff --git a/ChangeLog b/ChangeLog
index 27be3e94..c7d89a59 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,11 @@ ChangeLog for Privoxy
     values above FD_SETSIZE are properly rejected. Previously they
     could cause memory corruption in configurations that allowed
     the limit to be reached.
+  - Proxy authentication headers are removed unless the new directive
+    enable-proxy-authentication-forwarding is used. Forwarding the
+    headers potentially allows malicious sites to trick the user
+    into providing them with login information.
+    Reported by Chris John Riley.
   - Compiles on OS/2 again now that unistd.h is only included
     on platforms that have it.
 
@@ -26,6 +31,8 @@ ChangeLog for Privoxy
     Reported by u302320 in #360284, additional feedback from Adam Piggott.
   - Unblock '.advrider.com/' and '/.*ADVrider'.
     Anonymously reported in #3603636.
+  - Stop blocking '/js/slider\.js'.
+    Reported by Adam Piggott in #3606635 and _lvm in #2791160.
 
 - Filter file improvements:
   - Added an iframes filter.