Skip to content

CakePHP Authentication 1.1.5
Compare
Choose a tag to compare
@markstory markstory released this 21 Sep 00:28
· 8 commits to 1.1.x since this release
1.1.5
d39e50f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Fixes

  • The session id rotation changes added in 1.1.3 have been reverted. They broke compatibility with SecurityComponent in a way that could not be fixed without other changes.
  • This release is susceptible to session fixation attacks due to the removed session id regeneration. Upgrade to 1.2.0 to resolve this.
Assets 2
Loading