Changelog (v5.4.11...v5.4.12)
- bug #47283 Prevent accepted rate limits with no remaining token to be preferred over denied ones (MatTheCat)
- bug #47273 Do not send Set-Cookie header twice for deleted session cookie (X-Coder264)
- bug #47130 Fix invalid ID not regenerated with native PHP file sessions (BrokenSourceCode)