Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / f411e9cc5bb04248aa412214e780d3af24d0da3d^! / . / user_guide_src / source / changelog.rst
commitf411e9cc5bb04248aa412214e780d3af24d0da3d[log] [tgz]
authorAndrey Andreev <narf@devilix.net>Sat May 31 21:02:23 2014 +0300
committerAndrey Andreev <narf@devilix.net>Sat May 31 21:02:23 2014 +0300
tree6f23dac49b1931c28eee9fe03e2d1b40c4f70eee
parent632bb4a595714b6d14d02f80933dd7859f6fa90d [diff] [blame]
[ci skip] Update changelog

diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index e2b3756..8492be2 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst

@@ -726,7 +726,6 @@
 -  Fixed a bug (#2737) - :doc:`XML-RPC Library <libraries/xmlrpc>` used objects as array keys, which triggered E_NOTICE messages.
 -  Fixed a bug (#2729) - :doc:`Security Library <libraries/security>` internal method ``_validate_entities()`` used overly-intrusive ``preg_replace()`` patterns that produced false-positives.
 -  Fixed a bug (#2771) - :doc:`Security Library <libraries/security>` method ``xss_clean()`` didn't take into account HTML5 entities.
--  Fixed a bug in the :doc:`Session Library <libraries/sessions>` 'cookie' driver where authentication was not performed for encrypted cookies.
 -  Fixed a bug (#2856) - ODBC method ``affected_rows()`` passed an incorrect value to ``odbc_num_rows()``.
 -  Fixed a bug (#43) :doc:`Image Manipulation Library <libraries/image_lib>` method ``text_watermark()`` didn't properly determine watermark placement.
 -  Fixed a bug where :doc:`HTML Table Library <libraries/table>` ignored its *auto_heading* setting if headings were not already set.
@@ -743,6 +742,7 @@
 -  General Changes
 
    - Security: :doc:`Encrypt Library <libraries/encrypt>` method ``xor_encode()`` has been removed. The Encrypt Class now requires the Mcrypt extension to be installed.
+   - Security: The :doc:`Session Library <libraries/sessions>` now uses HMAC authentication instead of a simple MD5 checksum.
 
 Bug fixes for 2.2.0
 -------------------
@@ -751,6 +751,7 @@
 -  Fixed a bug (#696) - make ``oci_execute()`` calls inside ``num_rows()`` non-committing, since they are only there to reset which row is next in line for oci_fetch calls and thus don't need to be committed.
 -  Fixed a bug (#2689) - :doc:`Database Force <database/forge>` methods ``create_table()``, ``drop_table()`` and ``rename_table()`` produced broken SQL for tge 'sqlsrv' driver.
 -  Fixed a bug (#2427) - PDO :doc:`Database driver <database/index>` didn't properly check for query failures.
+-  Fixed a bug in the :doc:`Session Library <libraries/sessions>` where authentication was not performed for encrypted cookies.
 
 Version 2.1.4
 =============