diff options
author | drbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-04-19 23:38:41 +0000 |
---|---|---|
committer | drbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-04-19 23:38:41 +0000 |
commit | d927018018577e2fa8e0d0475c7f87c3a7e02302 (patch) | |
tree | 6093dd0b571d57de523806fa8d34f810299c97ad /ChangeLog | |
parent | 39573b4b77d8490b105800b25a7a0fd9d021f52b (diff) |
Backport security fixes for rubygems from r35404
* lib/rubygems: Update to RubyGems 1.8.23 which contains security
fixes:
RubyGems now disallows redirection from HTTPS to HTTP.
RubyGems now verifies SSL connections.
See https://github.com/rubygems/rubygems/blob/1.8/History.txt for
changes since 1.8.22.
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_3@35405 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 13 |
1 files changed, 13 insertions, 0 deletions
@@ -1,3 +1,16 @@ +Fri Apr 20 08:30:55 2012 Eric Hodel <drbrain@segment7.net> + + * lib/rubygems: Update to RubyGems 1.8.23 which contains security + fixes: + + RubyGems now disallows redirection from HTTPS to HTTP. + + RubyGems now verifies SSL connections. + + See https://github.com/rubygems/rubygems/blob/1.8/History.txt for + changes since 1.8.22. + * test/rubygems: ditto. + Fri Apr 20 07:39:50 2012 Eric Hodel <drbrain@segment7.net> * lib/rubygems: Update to RubyGems 1.8.22 plus r33517 and r35337 which |