Change anti-CSRF security token lifetime to be session-based

[squirrelmail.git] / doc / ChangeLog

diff --git a/doc/ChangeLog b/doc/ChangeLog
index fb04cf20618b2f6cdab6bf405b72a867994398bb..58de4e7e6e24bf79163700ece8a0fc0604735d47 100644 (file)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -419,6 +419,7 @@ Version 1.5.2 - SVN
     replying to after sending 
   - Sanitize user-supplied attachment filenames (thanks to Florian
     Grunow for reporting this issue) [CVE-2018-8741]
+  - Changed anti-CSRF security token lifetime to be session-based.
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------