[Owasp-leaders] crsfguard 3.0 vs 3.1 major differences

Azzeddine Ramrami azzeddine.ramrami at owasp.org
Tue Nov 17 22:14:47 UTC 2015


My family name is RAMRAMI not Ramrari :)

The version 3.1.0 correct a security bugs in 3.0. In 3.0 we can bypass the
CSRF verification token.

So I recommend to use only the version 3.1.0.

Now this version is published in Maven Central.
Azzeddine

On Tue, Nov 17, 2015 at 11:08 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Hi Ramrari, leaders
>
> What is in your opinion the major difference between crsfguard 3.0 and 3.1
> ?
> I know off course, apart from being updated by Ramrari (3.1) why would you
> recommend an upgrade?
>
> Regards
>
> Johanna
>



-- 
Azzeddine RAMRAMI
+33 6 65 48 90 04.
Enterprise Security Architect
OWASP Leader (Morocco Chapter)
Mozilla Security Projects Mentor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151117/89586eff/attachment.html>


More information about the OWASP-Leaders mailing list