From b361a4c0562c41f1cbf3cacd72bc8201d5ade3b7 Mon Sep 17 00:00:00 2001
From: Ian Cordasco <graffatcolmingov@gmail.com>
Date: Wed, 2 Apr 2014 19:04:58 -0500
Subject: [PATCH] Make note of the fact that we fixed some CVEs

---
 HISTORY.rst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/HISTORY.rst b/HISTORY.rst
index 19c2ff1b..896dca4c 100644
--- a/HISTORY.rst
+++ b/HISTORY.rst
@@ -14,6 +14,11 @@ Release History
 - The ``timeout`` parameter now affects requests with both ``stream=True`` and
   ``stream=False`` equally.
 
+**Bugfixes**
+
+- No longer expose Authorization or Proxy-Authorization headers on redirect.
+  Fix CVE-2014-1829 and CVE-2014-1830 respectively.
+
 2.2.1 (2014-01-23)
 ++++++++++++++++++