diff options
| author | Sytse Sijbrandij <sytse@dosire.com> | 2013-10-11 17:54:38 +0200 |
|---|---|---|
| committer | Sytse Sijbrandij <sytse@dosire.com> | 2013-10-11 17:54:46 +0200 |
| commit | ba7c1764be87f272759471bde01b92dcc147e952 (patch) | |
| tree | 569b61144a8ba0ba607a5b805827f3d108daeaf5 /CHANGELOG | |
| parent | f81532b5b929d5fa8fdf72a71eb036b0cf27735b (diff) | |
| download | gitlab-ce-ba7c1764be87f272759471bde01b92dcc147e952.tar.gz | |
The cookie store is vulnerable to session replay attacks.
Diffstat (limited to 'CHANGELOG')
| -rw-r--r-- | CHANGELOG | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG index 0d57728367c..1843311d763 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -14,6 +14,7 @@ v 6.2.0 - Extended User API to expose admin and can_create_group for user creation/updating (Boyan Tabakov) - API: Remove group - Avatar upload on profile page with a maximum of 200KB (Steven Thonus) + - Store the sessions in Redis instead of the cookie store v 6.1.0 - Project specific IDs for issues, mr, milestones |