Changelog of z3c.bcrypt
=======================

1.2 (2013-10-10)
----------------

- Only verify the first 4096 characters of a password to prevent
  denial-of-service attacks through repeated submission of large
  passwords, tying up server resources in the expensive computation
  of the corresponding hashes.

  See: https://www.djangoproject.com/weblog/2013/sep/15/security/

1.1 (2010-02-22)
----------------

- Fixes in the configure.zcml.

1.0 (2010-02-18)
----------------

- Initial public release.
