From 784a425e07f8b249b44137eadfe2a5dfe436aaeb Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Thu, 03 Feb 2011 17:08:03 -0500
Subject: [PATCH] protect login form submission from CSRF using a request token

---
 CHANGELOG |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index b9d68b7..9e5aadd 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Security: protect login form submission from CSRF
 - Security: prevent from relaying malicious requests through modcss.inc
 - Fix handling of non-image attachments in multipart/related messages (#1487750)
 - Fix IDNA support when IDN/INTL modules are in use (#1487742)

--
Gitblit v1.9.1