add CHANGELOG.md

[ci skip]
cryptomator · Aug 23, 2024 · bd3c5dd · bd3c5dd
1 parent c7238a4
commit bd3c5dd
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,35 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased](https://github.com/cryptomator/hub/compare/1.3.4...HEAD)
+
+### Added
+
+- This CHANGELOG file
+- WoT: Users will now have an ECDH as well as ECDSA key (#282)
+- WoT: Users can now mutually verify their identity, hardening Hub against injection of malicious public keys (#281)
+
+### Changed
+
+- Updated Keycloak to 25.0.4
+- Updated to Java 21 (#272)
+- Updated to Quarkus 3.8.x LTS (#272)
+- Bumpd build time dependencies
+- Memoize infrequently changing data, reducing XHR roundtrips
+- Switched to JWK thumbprint format in user profile
+- Switched to Repository Pattern (#273)
+
+### Fixed
+
+- Fixed incorrect ARIA roles improving accessibility
+
+### Security
+
+- CVE-2023-45133: Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 
+- CVE-2024-4068: Uncontrolled resource consumption in braces
+- CVE-2024-39338: Server-Side Request Forgery in axios
+