| Age | Commit message (Expand) | Author |
|---|---|---|
| 2026-06-03 | Fixed CVE-2026-48587 -- Ignored whitespace padding when checking Vary header ... | Jake Howard |
| 2026-06-03 | Fixed CVE-2026-35193 -- Varied on Authorization when caching non-public respo... | Jacob Walls |
| 2026-06-03 | Fixed CVE-2026-8404 -- Used Cache-Control directives case-insensitively in Up... | Jake Howard |
| 2026-06-03 | Fixed CVE-2026-7666 -- Delayed setting SMTP connection until fully configured. | Jake Howard |
| 2026-06-03 | Fixed CVE-2026-6873 -- Prevented signed cookie salt namespace collisions. | Paul McMillan |
| 2026-05-27 | Added stub release notes and release date for 6.0.6 and 5.2.15. | Natalia |
