add news item for ikiwiki 2.42

2 files changed, 8 insertions, 4 deletions

diff --git a/doc/news/version_2.31.1.mdwn b/doc/news/version_2.31.1.mdwn
deleted file mode 100644
index 131194372..000000000
--- a/doc/news/version_2.31.1.mdwn
+++ /dev/null
@@ -1,4 +0,0 @@
-ikiwiki 2.31.1 released with [[toggle text="these changes"]]
-[[toggleable text="""
-  * htmlscrubber security fix: Block javascript in uris.
-  * Add htmlscrubber test suite."""]]
diff --git a/doc/news/version_2.42.mdwn b/doc/news/version_2.42.mdwn
new file mode 100644
index 000000000..cb7ebf5d6
--- /dev/null
+++ b/doc/news/version_2.42.mdwn
@@ -0,0 +1,8 @@
+ikiwiki 2.42 released with [[toggle text="these changes"]]
+[[toggleable text="""
+   * aggregate: Correct a mistake in the code that dummy up a guid for feeds
+     lacking one.
+   * inline: Correct handling of urls relative to baseurl in feeds.
+   * Fix CSRF attacks against the preferences and edit forms. The fix involved
+     embedding the session id in the forms, and not allowing the forms to be
+     submitted if the embedded id does not match the session id. Closes: #[475445](http://bugs.debian.org/475445)"""]]
\ No newline at end of file