From 396fb3adf59852ba4885c82c4d8324ed9238a4bd Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Thu, 18 Sep 2014 18:24:20 -0400
Subject: devblog

---
 doc/devblog/day_221__another_fine_day_of_bugfixing.mdwn | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 doc/devblog/day_221__another_fine_day_of_bugfixing.mdwn

diff --git a/doc/devblog/day_221__another_fine_day_of_bugfixing.mdwn b/doc/devblog/day_221__another_fine_day_of_bugfixing.mdwn
new file mode 100644
index 000000000..0c26f5735
--- /dev/null
+++ b/doc/devblog/day_221__another_fine_day_of_bugfixing.mdwn
@@ -0,0 +1,10 @@
+Working through the forum posts and bugs. Backlog is down to 95.
+
+Discovered the first known security hole in git-annex!
+Turns out that S3 and Glacier remotes that were configured with embedcreds=yes and encryption=pubkey or encryption=hybrid
+didn't actually encrypt the AWS credentials that get embedded into the git
+repo. This doesn't affect any repos set up by the assistant.
+
+I've fixed the problem and am going to make a release soon.
+If your repo is affected, see 
+[[upgrades/insecure_embedded_creds]] for what to do about it.
-- 
cgit v1.2.3