From 586e5281e0fac726c98d2176b63d3350932a6588 Mon Sep 17 00:00:00 2001
From: Dan Hensby <dhensby@users.noreply.github.com>
Date: Fri, 18 Nov 2016 12:17:03 +0000
Subject: [PATCH] Added 3.1.21 changelog

---
 docs/en/04_Changelogs/3.1.21.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 docs/en/04_Changelogs/3.1.21.md

diff --git a/docs/en/04_Changelogs/3.1.21.md b/docs/en/04_Changelogs/3.1.21.md
new file mode 100644
index 000000000..0deb6741b
--- /dev/null
+++ b/docs/en/04_Changelogs/3.1.21.md
@@ -0,0 +1,16 @@
+# 3.1.21
+
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2016-11-11 [4440b88](https://github.com/silverstripe/silverstripe-framework/commit/4440b887304fe80ca77366800457cbc2ac705654) Form@httpSubmission will no longer load submitted data to disabled or readonly fields (Daniel Hensby) - See [ss-2016-010](http://www.silverstripe.org/download/security-releases/ss-2016-010)
+ * 2016-11-11 [61e4055](https://github.com/silverstripe/silverstripe-framework/commit/61e4055bdb13e37df6aa0d8edca0bf5d9345dc7e) Cast FormField values as Text to prevent readonly fields embeding rogue HTML (Daniel Hensby) - See [ss-2016-010](http://www.silverstripe.org/download/security-releases/ss-2016-010)
+ * 2016-10-27 [17097a4](https://github.com/silverstripe/silverstripe-framework/commit/17097a4d11274b157eadf64f32708acef204d510) Properly escape backURL for template injection (Daniel Hensby) - See [ss-2016-016](http://www.silverstripe.org/download/security-releases/ss-2016-016)
+ * 2016-07-14 [04b4453](https://github.com/silverstripe/silverstripe-cms/commit/04b4453e041c2520d3658be1585146f79dca09d8) Missing ACL check on ReportAdmin (Daniel Hensby) - See [ss-2016-012](http://www.silverstripe.org/download/security-releases/ss-2016-012)
+
+### Bugfixes
+
+ * 2016-09-12 [a14df0b](https://github.com/silverstripe/silverstripe-framework/commit/a14df0bc2d08f953ff7dd6f57899dbf260ab13a5) Force line endings to LF on sake file (Daniel Hensby)