From 2d9f68710eb5b025fb72093423be25b65bd20a3a Mon Sep 17 00:00:00 2001
From: Daniel Gerhardt <code@dgerhardt.net>
Date: Wed, 6 Jul 2016 17:07:46 +0200
Subject: [PATCH] Release version 2.4.1

---
 CHANGELOG.md | 12 ++++++++++++
 pom.xml      |  2 +-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 663507032..f81160d11 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,17 @@
 # Changelog
 
+## 2.4.1
+This release fixes a security vulnerability caused by the CORS implementation.
+Origins allowed for CORS can now be set in the configuration via
+`security.cors.origins`. (Reported by Rainer Rillke at Wikimedia)
+
+Additionally, authentication via disabled services is now entirely blocked to
+fix a security vulnerability allowing guest access despite the setting
+`security.guest.enabled=false`. (Reported by Rainer Rillke at Wikimedia)
+
+Additional changes:
+* Libraries have been upgraded to fix potential bugs
+
 ## 2.3.3
 This release fixes a security vulnerability caused by the CORS implementation.
 Origins allowed for CORS can now be set in the configuration via
diff --git a/pom.xml b/pom.xml
index 390523a5f..3b543c8e7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>de.thm.arsnova</groupId>
 	<artifactId>arsnova-backend</artifactId>
-	<version>2.4.1-SNAPSHOT</version>
+	<version>2.4.1</version>
 	<packaging>war</packaging>
 
 	<properties>
-- 
GitLab