Mercurial > hg > orthanc

changeset 6566:54892594ebe1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
security flaw credits
author Alain Mazy <am@orthanc.team>
date Mon, 19 Jan 2026 16:35:02 +0100
parents 63904b9a5267
children bb56a9cccf75
files NEWS
diffstat 1 files changed, 1 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/NEWS	Mon Jan 19 16:30:14 2026 +0100
+++ b/NEWS	Mon Jan 19 16:35:02 2026 +0100
@@ -13,6 +13,7 @@
   - "orthanc_logged_warnings_count"
 * Fixed a security issue where one could hijack HTTP headers in the response
   through the `filename` argument of "/.../file" or "/.../archive" routes.
+  (credits: Pavel Kohout, Aisle Research. www.aisle.com)
 * In tools/find, filtering against "LabelsConstraint": "None" with an empty "Labels" list
   now returns all resources that do not have any labels attached instead of returning all resources.
   This applies to the default SQLite DB and will apply to the next PostgreSQL plugin (v 10.1)