Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 0abc55a22535586929fb146a81d1cee68dbccd10^! / . / user_guide_src / source / changelog.rst
commit0abc55a22535586929fb146a81d1cee68dbccd10[log] [tgz]
authorAndrey Andreev <narf@devilix.net>Sat Oct 31 19:30:41 2015 +0200
committerAndrey Andreev <narf@devilix.net>Sat Oct 31 19:30:41 2015 +0200
tree74da8cb615aec63817928591e61872b6242292a5
parentf8deea583f0cb68a83a44d361c0db3c86f387f95 [diff] [blame]
[ci skip] Update changelog, version & upgrade instructions

diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index f9f451d..d67ae4e 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst

@@ -5,7 +5,13 @@
 Version 3.0.3
 =============
 
-Release Date: Not Released
+Release Date: October 31, 2015
+
+-  **Security**
+
+   -  Fixed an XSS attack vector in :doc:`Security Library <libraries/security>` method ``xss_clean()``.
+   -  Changed :doc:`Config Library <libraries/config>` method ``base_url()`` to fallback to ``$_SERVER['SERVER_ADDR']`` when ``$config['base_url']`` is empty in order to avoid *Host* header injections.
+   -  Changed :doc:`CAPTCHA Helper <helpers/captcha_helper>` to use the operating system's PRNG when possible.
 
 -  Database