d63e20942f3024f24cb8cd85a49461ba8a9b6736 | Vulnerability History Project

The Vulnerability History Project

[1.6.x] Prevented leaking the CSRF token through caching.

      This is a security fix. Disclosure will follow shortly.

Backport of c083e3815aec23b99833da710eea574e6f2e8566 from master

by Shawn the Jaguar 2014-04-20 20:27:33 UTC

commit d63e20942f3024f24cb8cd85a49461ba8a9b6736

Django Fix CVE-2014-0473

django/middleware/cache.py

+1 -9

tests/cache/tests.py

-28

expand_less