chore: update changelog

davewasmer · Jun 10, 2020 · 73b0e6a · 73b0e6a
1 parent e0e8ae3
commit 73b0e6a
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,22 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+<a name="1.1.1"></a>
+# [1.1.1](https://github.com/davewasmer/devcert/releases/tag/v1.1.r10)
+
+### Bug Fixes
+
+#### [#55](https://github.com/davewasmer/devcert/pull/55): Fix remote execution vulnerability by switching from execSync to execFileSync 
+
+- Change `run()` to use `execFileSync`
+- Refactor codebase to use new signature of `run()`
+- Add an extra sanitizing step: test arguments passed to `certificateFor` with a (fairly permissive) regular expression limiting them to legal domain name chars
+
+### ⚠️ This is a mandatory update! ⚠️
+
+This release fixes a security vulnerability in previous versions. Previous versions will be deprecated.
+
+
 <a name="1.1.0"></a>
 # [1.1.0](https://github.com/davewasmer/devcert/releases/tag/v1.1.0)