[ci skip] Protect CSRF verification from timing side-channel attacks

author: Andrey Andreev <narf@devilix.net> 2017-01-04 15:01:27 +0100
committer: Andrey Andreev <narf@devilix.net> 2017-01-04 15:01:27 +0100
commit: 5a2390d4d6287f2ce35cadae4713b7dcd10fdc9b (patch)
tree: 8451e543979cded3be535dbd8d5aa92e0df5f3a0 /user_guide_src
parent: 2ab1c1902711c8b0caf5c3e8f2fa825d72f6755d (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index ad7d6a4ed..7284d100c 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -10,6 +10,7 @@ Release Date: Not Released
 -  **Security**
 
    -  Fixed an XSS vulnerability in :doc:`Security Library <libraries/security>` method ``xss_clean()``.
+   -  Added protection against timing side-channel attacks in :doc:`Security Library <libraries/security>` method ``csrf_verify()``.
 
 -  General Changes
author	Andrey Andreev <narf@devilix.net>	2017-01-04 15:01:27 +0100
committer	Andrey Andreev <narf@devilix.net>	2017-01-04 15:01:27 +0100
commit	5a2390d4d6287f2ce35cadae4713b7dcd10fdc9b (patch)
tree	8451e543979cded3be535dbd8d5aa92e0df5f3a0 /user_guide_src
parent	2ab1c1902711c8b0caf5c3e8f2fa825d72f6755d (diff)