Merge pull request #16 from freedomofpress/cves-changelog

Document CVEs in changelog
freedomofpress · Jan 30, 2025 · 2362b6f · 2362b6f
2 parents 7ded107 + 564be9e
commit 2362b6f
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/changelog.md b/changelog.md
@@ -5,8 +5,8 @@
 This release contains fixes for two security issues; please see our advisory for more details.
 
 * Security fixes:
-  * Prevent path manipulation/traversal attacks in SDK
-  * Don't send source VM name to sd-log
+  * Prevent path manipulation/traversal attacks in SDK (CVE-2025-24888)
+  * Don't send source VM name to sd-log (CVE-2025-24889)
 
 * Miscellaneous:
   * Update year in messages.pot