From 4606df5cb69d0f2731fd047b3a9f7c618b58023a Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 26 Apr 2023 12:24:43 +0200 Subject: [PATCH] Add change note --- java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md diff --git a/java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md b/java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md new file mode 100644 index 00000000000..01bbfe267bd --- /dev/null +++ b/java/ql/src/change-notes/2023-04-26-xxe-sinks-promotion.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Experimental sinks for the query "Resolving XML external entity in user-controlled data" (`java/xxe`) have been promoted to the main query pack. These sinks were originally [submitted as part of an experimental query by @haby0](https://github.com/github/codeql/pull/6564).