Catch up with recent change notes

2026-05-05 05:35:13 +02:00 · 2021-11-29 16:41:18 -05:00
parent 5ed9029143
commit 9f6c0991cf
6 changed files with 30 additions and 0 deletions
--- a/python/ql/lib/change-notes/2021-11-15-model-wsgiref-simple-server-app.md
+++ b/python/ql/lib/change-notes/2021-11-15-model-wsgiref-simple-server-app.md
@@ -0,0 +1,5 @@
+---
+category: majorAnalysis
+tags: [lgtm,codescanning]
+---
+* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
--- a/python/ql/lib/change-notes/2021-11-16-os-stat.md
+++ b/python/ql/lib/change-notes/2021-11-16-os-stat.md
@@ -0,0 +1,5 @@
+---
+category: majorAnalysis
+tags: [lgtm,codescanning]
+---
+* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
--- a/python/ql/lib/change-notes/2021-11-16-posixpath.md
+++ b/python/ql/lib/change-notes/2021-11-16-posixpath.md
@@ -0,0 +1,5 @@
+---
+category: majorAnalysis
+tags: [lgtm,codescanning]
+---
+* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.