From: Go MAEDA <maeda@farend.jp>
Date: Mon, 26 Apr 2021 14:12:44 +0000 (+0000)
Subject: Updates for 4.0.9 release.
X-Git-Tag: 4.0.9~1
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=6ef783417e9167aed0f66c0a8d25a8bf9b2d7a44;p=redmine.git

Updates for 4.0.9 release.


git-svn-id: http://svn.redmine.org/redmine/branches/4.0-stable@20977 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/doc/CHANGELOG b/doc/CHANGELOG
index 0d489451a..574cc1deb 100644
--- a/doc/CHANGELOG
+++ b/doc/CHANGELOG
@@ -4,6 +4,27 @@ Redmine - project management software
 Copyright (C) 2006-2021  Jean-Philippe Lang
 https://www.redmine.org/
 
+== 2021-04-26 v4.0.9
+
+=== [Gems support]
+
+* Patch #34969: Remove dependency on MimeMagic
+
+=== [Rails support]
+
+* Patch #34966: Update Rails to 5.2.5
+
+=== [Security]
+
+* Defect #34367: Allowed filename extensions of attachments can be circumvented
+* Defect #34950: SysController and MailHandlerController are vulnerable to timing attack
+* Defect #35045: Mail handler bypasses add_issue_notes permission
+* Defect #35085: Arbitrary file read in Git adapter
+
+=== [UI]
+
+* Patch #34955: Update copyright year in the footer to 2021
+
 == 2021-03-21 v4.0.8
 
 === [Accounts / authentication]
diff --git a/lib/redmine/version.rb b/lib/redmine/version.rb
index eac3682b1..b7f15c675 100644
--- a/lib/redmine/version.rb
+++ b/lib/redmine/version.rb
@@ -5,7 +5,7 @@ module Redmine
   module VERSION
     MAJOR = 4
     MINOR = 0
-    TINY  = 8
+    TINY  = 9
 
     # Branch values:
     # * official release: nil