summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorshyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-12-28 12:47:15 +0000
committershyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-12-28 12:47:15 +0000
commite19bd3eaa8bd71cfc9e5bf436527f015b093f31e (patch)
treec3d5fae02297a4fff84f969a963fe6342eb288c8 /ChangeLog
parent858cb3f6b9ebc307e3721c73b406e238f7221e3d (diff)
-This line, and those below, will be ignored--
M ruby_1_8_7/ChangeLog M ruby_1_8_7/inits.c M ruby_1_8_7/version.h M ruby_1_8_7/string.c M ruby_1_8_7/st.c M ruby_1_8_7/test/ruby/test_string.rb M ruby_1_8_7/random.c git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@34151 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog26
1 files changed, 26 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index e001f25239..79cae45dea 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,29 @@
+Wed Dec 28 21:34:23 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
+
+ * string.c (rb_str_hash): randomize hash to avoid algorithmic
+ complexity attacks. CVE-2011-4815
+
+ * st.c (strhash): ditto.
+
+ * string.c (Init_String): initialization of hash_seed to be at the
+ beginning of the process.
+
+ * st.c (Init_st): ditto.
+
+Thu Dec 8 11:57:04 2011 Tanaka Akira <akr@fsij.org>
+
+ * inits.c (rb_call_inits): call Init_RandomSeed at first.
+
+ * random.c (seed_initialized): defined.
+ (fill_random_seed): extracted from random_seed.
+ (make_seed_value): extracted from random_seed.
+ (rb_f_rand): initialize random seed at first.
+ (initial_seed): defined.
+ (Init_RandomSeed): defined.
+ (Init_RandomSeed2): defined.
+ (rb_reset_random_seed): defined.
+ (Init_Random): call Init_RandomSeed2.
+
Sat Dec 10 20:44:23 2011 Tanaka Akira <akr@fsij.org>
* lib/securerandom.rb: call OpenSSL::Random.seed at the
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-21 06:06:39 +0000