add server section to blog post

website/src/_posts/2018-02-0.24.md

@@ -96,4 +96,17 @@ This is entirely optional of course, just set `proudlyDisplayPoweredByUppy: fals
 
 ## Server News
 
-?
+On the Server side we tackled a number of security issues.
+
+- Fixed security vulnerability in transient dependency [#70](https://github.com/transloadit/uppy-server/issues/70)
+- Auto-generate tmp download file name to avoid Path traversal
+- Namespace redis key storage/lookup to avoid collisions
+- Validate callback redirect url after completing OAuth
+- Reduce the permission level required by google drive
+
+Other non security improvements are:
+
+- Auto-generate Server secret if none is provided on startup
+- We implemented a more standard logger for Uppy Server
+- Added an example project to run Uppy Server on Serverless, [see](https://github.com/transloadit/uppy-server/tree/master/examples/serverless).
+