From 945bba777bb65c6d9820e49ffec9c2b28ca01a62 Mon Sep 17 00:00:00 2001 From: David Peter Date: Tue, 13 Jul 2021 10:56:51 +0200 Subject: [PATCH] Upgrade CHANGELOG with security vulnerability notice --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ddef4de5..438c902e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,15 +28,17 @@ ## Bugfixes +- Fix for a security vulnerability on Windows. Prior to this release, `bat` would execute programs called `less`/`less.exe` from the current working directory (instead of the one from `PATH`) with priority. An attacker might be able to use this by placing a malicious program in a shared directory where the user would execute `bat`. `bat` users on Windows are advised to upgrade to this version. See #1724 and #1472 (@Ry0taK). ## Other +- Add bash completion, see #1678 (@scop) - Fix Clippy lints, see #1661 (@mohamed-abdelnour) - Add syntax highlighting test files, see #1213 and #1668 (@mohamed-abdelnour) -- Add bash completion, see #1678 (@scop) ## Syntaxes +- Upgraded Julia syntax to fix a highlighting bug, see #1692 - Added support for `dash` syntax, see #1654 (@mohamed-abdelnour) - Added support for `XAML` syntax, see #1590 and #1655 (@mohamed-abdelnour) - Apply `DotENV` syntax also for `.env.default` and `.env.defaults` files, see #1669