Merge pull request #3325 from mmerickel/fix-unpickle-crash

catch other pickle errors when loading content
author: Michael Merickel <michael@merickel.org> 2018-08-10 10:59:20 -0500
committer: GitHub <noreply@github.com> 2018-08-10 10:59:20 -0500
commit: 5488da0d165468199f0d07a2ca579b86617fad72 (patch)
tree: 43783139e0e7489e095975a7cb78a922190bc0c5 /CHANGES.rst
parent: 3a89ed345c4cf98f0b890737d78220e61c0c53e4 (diff)
parent: 9d6851286695842fc93c1adfc45c6fc8daff73fb (diff)
download: pyramid-5488da0d165468199f0d07a2ca579b86617fad72.tar.gz
pyramid-5488da0d165468199f0d07a2ca579b86617fad72.tar.bz2
pyramid-5488da0d165468199f0d07a2ca579b86617fad72.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES.rst b/CHANGES.rst
index 91dadfa79..9bfa80f05 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -67,6 +67,12 @@ Bug Fixes
   code. The old ``MIMEAccept`` has been deprecated. The new methods follow the
   RFC's more closely. See https://github.com/Pylons/pyramid/pull/3251
 
+- Catch extra errors like ``AttributeError`` when unpickling "trusted"
+  session cookies with bad pickle data in them. This would occur when sharing
+  a secret between projects that shouldn't actually share session cookies,
+  like when reusing secrets between projects in development.
+  See https://github.com/Pylons/pyramid/pull/3325
+
 Deprecations
 ------------
author	Michael Merickel <michael@merickel.org>	2018-08-10 10:59:20 -0500
committer	GitHub <noreply@github.com>	2018-08-10 10:59:20 -0500
commit	5488da0d165468199f0d07a2ca579b86617fad72 (patch)
tree	43783139e0e7489e095975a7cb78a922190bc0c5 /CHANGES.rst
parent	3a89ed345c4cf98f0b890737d78220e61c0c53e4 (diff)
parent	9d6851286695842fc93c1adfc45c6fc8daff73fb (diff)
download	pyramid-5488da0d165468199f0d07a2ca579b86617fad72.tar.gz pyramid-5488da0d165468199f0d07a2ca579b86617fad72.tar.bz2 pyramid-5488da0d165468199f0d07a2ca579b86617fad72.zip