diff options
author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-12-28 12:47:15 +0000 |
---|---|---|
committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-12-28 12:47:15 +0000 |
commit | e19bd3eaa8bd71cfc9e5bf436527f015b093f31e (patch) | |
tree | c3d5fae02297a4fff84f969a963fe6342eb288c8 /ChangeLog | |
parent | 858cb3f6b9ebc307e3721c73b406e238f7221e3d (diff) |
-This line, and those below, will be ignored--
M ruby_1_8_7/ChangeLog
M ruby_1_8_7/inits.c
M ruby_1_8_7/version.h
M ruby_1_8_7/string.c
M ruby_1_8_7/st.c
M ruby_1_8_7/test/ruby/test_string.rb
M ruby_1_8_7/random.c
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@34151 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 26 |
1 files changed, 26 insertions, 0 deletions
@@ -1,3 +1,29 @@ +Wed Dec 28 21:34:23 2011 URABE Shyouhei <shyouhei@ruby-lang.org> + + * string.c (rb_str_hash): randomize hash to avoid algorithmic + complexity attacks. CVE-2011-4815 + + * st.c (strhash): ditto. + + * string.c (Init_String): initialization of hash_seed to be at the + beginning of the process. + + * st.c (Init_st): ditto. + +Thu Dec 8 11:57:04 2011 Tanaka Akira <akr@fsij.org> + + * inits.c (rb_call_inits): call Init_RandomSeed at first. + + * random.c (seed_initialized): defined. + (fill_random_seed): extracted from random_seed. + (make_seed_value): extracted from random_seed. + (rb_f_rand): initialize random seed at first. + (initial_seed): defined. + (Init_RandomSeed): defined. + (Init_RandomSeed2): defined. + (rb_reset_random_seed): defined. + (Init_Random): call Init_RandomSeed2. + Sat Dec 10 20:44:23 2011 Tanaka Akira <akr@fsij.org> * lib/securerandom.rb: call OpenSSL::Random.seed at the |