From: pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Sat, 25 Aug 2018 21:03:09 +0000 (+0000)
Subject: Change anti-CSRF security token lifetime to be session-based
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=18bd19a0203675a6ffdad77b825dc9d95c4fe87d;p=squirrelmail.git

Change anti-CSRF security token lifetime to be session-based

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14772 7612ce4b-ef26-0410-bec9-ea0150e637f0
---

diff --git a/doc/ChangeLog b/doc/ChangeLog
index fb04cf20..58de4e7e 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -419,6 +419,7 @@ Version 1.5.2 - SVN
     replying to after sending 
   - Sanitize user-supplied attachment filenames (thanks to Florian
     Grunow for reporting this issue) [CVE-2018-8741]
+  - Changed anti-CSRF security token lifetime to be session-based.
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------