Release 10 2 1 (#84)

* Release v10.2.1
sharetribe · Nov 19, 2021 · 6271b7a · 6271b7a
1 parent d299b39
commit 6271b7a
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -20,9 +20,13 @@ This file follows the best practices from [keepachangelog.com](http://keepachang
 
 ### Security
 
+## [10.2.1] - 2021-11-19
+
+### Security
+
 - [Critical] Fix OS command injection vulnerability in installations of
   Sharetribe Go that do not set explicitly the `sns_notification_token`
-  configuration variable (which is unset by default).
+  configuration variable (which is unset by default). Discoverer/Credits: Wang Sheng of State Grid Sichuan Electric Power Research Institute. [#5b844f](https://github.com/sharetribe/sharetribe/commit/5b844f8108c5458d89f0d7ba974f42d7917b5f80)
 
 ## [10.2.0] - 2021-11-18
 

diff --git a/UPGRADE.md b/UPGRADE.md
@@ -38,6 +38,10 @@ heroku config:set next_maintenance_at="2016-04-29 17:15:00 +0000" --app=<your ap
 
 See instructions how to set application in [maintenance mode in Heroku](https://devcenter.heroku.com/articles/maintenance-mode).
 
+## Upgrade from 10.2.0 to 10.2.1
+
+The new version contains a critical security fix that you should review. Otherwise, see the [General update instructions](#general-update-instructions).
+
 ## Upgrade from 10.1.0 to 10.2.0
 
 Nothing special. See the [General update instructions](#general-update-instructions).

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-10.2.0
+10.2.1