Change anti-CSRF security token lifetime to be session-based

author pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Sat, 25 Aug 2018 21:03:09 +0000 (21:03 +0000)

committer pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Sat, 25 Aug 2018 21:03:09 +0000 (21:03 +0000)
author pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sat, 25 Aug 2018 21:03:09 +0000 (21:03 +0000)
committer pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sat, 25 Aug 2018 21:03:09 +0000 (21:03 +0000)
diff --git a/doc/ChangeLog b/doc/ChangeLog

index fb04cf20618b2f6cdab6bf405b72a867994398bb..58de4e7e6e24bf79163700ece8a0fc0604735d47 100644 (file)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -419,6 +419,7 @@ Version 1.5.2 - SVN
      replying to after sending 
    - Sanitize user-supplied attachment filenames (thanks to Florian
      Grunow for reporting this issue) [CVE-2018-8741]
+  - Changed anti-CSRF security token lifetime to be session-based.
  
  Version 1.5.1 (branched on 2006-02-12)
  --------------------------------------
author	pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Sat, 25 Aug 2018 21:03:09 +0000 (21:03 +0000)
committer	pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Sat, 25 Aug 2018 21:03:09 +0000 (21:03 +0000)