add news item for ikiwiki 2.42

author: Joey Hess <joey@kodama.kitenet.net> 2008-04-10 17:24:24 -0400
committer: Joey Hess <joey@kodama.kitenet.net> 2008-04-10 17:24:24 -0400
commit: a91f044044dde8cbb86254aaa2275632cd844585 (patch)
tree: b741e5a82366b3f5086bdb754748fce47717f9f2 /doc/news
parent: 7f51c69491c7136070c1cafb93a92c548a432772 (diff)
2 files changed, 8 insertions, 4 deletions
diff --git a/doc/news/version_2.31.1.mdwn b/doc/news/version_2.31.1.mdwn
deleted file mode 100644
index 131194372..000000000
--- a/doc/news/version_2.31.1.mdwn
+++ /dev/null
@@ -1,4 +0,0 @@
-ikiwiki 2.31.1 released with [[toggle text="these changes"]]
-[[toggleable text="""
-  * htmlscrubber security fix: Block javascript in uris.
-  * Add htmlscrubber test suite."""]]
diff --git a/doc/news/version_2.42.mdwn b/doc/news/version_2.42.mdwn
new file mode 100644
index 000000000..cb7ebf5d6
--- /dev/null
+++ b/doc/news/version_2.42.mdwn
@@ -0,0 +1,8 @@
+ikiwiki 2.42 released with [[toggle text="these changes"]]
+[[toggleable text="""
+   * aggregate: Correct a mistake in the code that dummy up a guid for feeds
+     lacking one.
+   * inline: Correct handling of urls relative to baseurl in feeds.
+   * Fix CSRF attacks against the preferences and edit forms. The fix involved
+     embedding the session id in the forms, and not allowing the forms to be
+     submitted if the embedded id does not match the session id. Closes: #[475445](http://bugs.debian.org/475445)"""]]
+\ No newline at end of file
author	Joey Hess <joey@kodama.kitenet.net>	2008-04-10 17:24:24 -0400
committer	Joey Hess <joey@kodama.kitenet.net>	2008-04-10 17:24:24 -0400
commit	a91f044044dde8cbb86254aaa2275632cd844585 (patch)
tree	b741e5a82366b3f5086bdb754748fce47717f9f2 /doc/news
parent	7f51c69491c7136070c1cafb93a92c548a432772 (diff)