From b85ec2b8c6ff195dafcb83415f1eacd80714b814 Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Thu, 7 May 2026 10:17:17 +0530 Subject: [PATCH] Update changelog --- docs/changelog.rst | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index aab6f94a5..beb5c4873 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -204,9 +204,9 @@ Detailed list of changes - Fix thickness of diagonal lines in box drawing characters not the same as horizontal/vertical lines (:iss:`9719`) -- Graphics protocol: Fix crash when handling invalid PNG image with direct transmission +- Graphics protocol: Fix crash when handling invalid PNG image with direct transmission (:cve:`2026-33633`) -- Graphics protocol: Fix crash when handling invalid offset values in graphics compose commands +- Graphics protocol: Fix crash when handling invalid offset values in graphics compose commands (:cve:`2026-33642`) - X11: Fix a regression in the previous release that caused an occasional crash on input device removal (:iss:`9723`) @@ -238,7 +238,7 @@ Detailed list of changes - Password input in kittens: hide the cursor and display a blinking 🔒 at the end of typed characters to make it visually clear the user is entering a password -- edit-in-kitty: Ignore environment variables as some editors execute code present in env vars. Similarly ignore conf file specifications for colors. +- edit-in-kitty: Ignore environment variables as some editors execute code present in env vars. Similarly ignore conf file specifications for colors (:cve:`2026-42851`) - Command palette :sc:`command_palette`: nicer grouping of aliases and combined actions (:pull:`9819`) @@ -274,6 +274,8 @@ Detailed list of changes - choose-files kitten: Output a trailing newline when writing to a tty in text format (:iss:`9982`) +- ssh kitten: Sanitize user controlled data in error messages that might leak to shell (:cve:`2026-42850`) + 0.46.2 [2026-03-21] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~