changes for 5.7.1, 5.7.2

7 years ago · 1ed04ffa8a
parent 11a2e6d52e
commit 1ed04ffa8a
1 changed files with 15 additions and 0 deletions
--- a/docs/source/changelog.rst
+++ b/docs/source/changelog.rst
@ -21,6 +21,21 @@ We strongly recommend that you upgrade pip to version 9+ of pip before upgrading
    Use ``pip install pip --upgrade`` to upgrade pip. Check pip version with
    ``pip --version``.

+.. _release-5.7.2:
+
+5.7.2
+-----
+
+5.7.2 contains a security fix preventing malicious directory names
+from being able to execute javascript. CVE request pending.
+
+.. _release-5.7.1:
+
+5.7.1
+-----
+
+5.7.1 contains a security fix preventing nbconvert endpoints from executing javascript with access to the server API. CVE request pending.
+
 .. _release-5.7.0:

 5.7.0