- Change default paster template generator to use ``Paste#http``

server rather than ``PasteScript#cherrpy`` server. The cherrypy server has a security risk in it when ``REMOTE_USER`` is trusted by the downstream application.
author: Chris McDonough <chrism@agendaless.com> 2008-11-01 19:26:08 +0000
committer: Chris McDonough <chrism@agendaless.com> 2008-11-01 19:26:08 +0000
commit: 65e110304147fa4c19d9c6cc29e0f289e1465b4b (patch)
tree: 354e0972c49e364a4e606a64558e3ea22056a8d3 /CHANGES.txt
parent: 4af9009e1765ea413465d477060b3d82f470562f (diff)
download: pyramid-65e110304147fa4c19d9c6cc29e0f289e1465b4b.tar.gz
pyramid-65e110304147fa4c19d9c6cc29e0f289e1465b4b.tar.bz2
pyramid-65e110304147fa4c19d9c6cc29e0f289e1465b4b.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt
index dcbe01bb3..d8a30aa4a 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,3 +1,10 @@
+Next release
+
+  - Change default paster template generator to use ``Paste#http``
+    server rather than ``PasteScript#cherrpy`` server.  The cherrypy
+    server has a security risk in it when ``REMOTE_USER`` is trusted
+    by the downstream application.
+
 0.4.1 (10/28/2008)
 
   Bug Fixes
author	Chris McDonough <chrism@agendaless.com>	2008-11-01 19:26:08 +0000
committer	Chris McDonough <chrism@agendaless.com>	2008-11-01 19:26:08 +0000
commit	65e110304147fa4c19d9c6cc29e0f289e1465b4b (patch)
tree	354e0972c49e364a4e606a64558e3ea22056a8d3 /CHANGES.txt
parent	4af9009e1765ea413465d477060b3d82f470562f (diff)
download	pyramid-65e110304147fa4c19d9c6cc29e0f289e1465b4b.tar.gz pyramid-65e110304147fa4c19d9c6cc29e0f289e1465b4b.tar.bz2 pyramid-65e110304147fa4c19d9c6cc29e0f289e1465b4b.zip