From 4a5d839ceb4f08aff4843abc6b369b12a97e02e7 Mon Sep 17 00:00:00 2001 From: usa Date: Thu, 23 Oct 2014 09:59:40 +0000 Subject: merge revision(s) 45274,45278,45280,48097: [Backport #9424] * lib/openssl/ssl.rb: Explicitly whitelist the default SSL/TLS ciphers. Forbid SSLv2 and SSLv3, disable compression by default. Reported by Jeff Hodges. [ruby-core:59829] [Bug #9424] * test/openssl/test_ssl.rb: Reuse TLS default options from OpenSSL::SSL::SSLContext::DEFAULT_PARAMS. * ext/openssl/lib/openssl/ssl.rb (DEFAULT_PARAMS): override options even if OpenSSL::SSL::OP_NO_SSLv3 is not defined. this is pointed out by Stephen Touset. [ruby-core:65711] [Bug #9424] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@48110 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 590125e2c5..4d9fd00bf8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,22 @@ +Thu Oct 23 18:56:55 2014 CHIKANAGA Tomoyuki + + * ext/openssl/lib/openssl/ssl.rb (DEFAULT_PARAMS): override + options even if OpenSSL::SSL::OP_NO_SSLv3 is not defined. + this is pointed out by Stephen Touset. [ruby-core:65711] [Bug #9424] + +Thu Oct 23 18:56:55 2014 Martin Bosslet + + * test/openssl/test_ssl.rb: Reuse TLS default options from + OpenSSL::SSL::SSLContext::DEFAULT_PARAMS. + +Thu Oct 23 18:56:55 2014 Martin Bosslet + + * lib/openssl/ssl.rb: Explicitly whitelist the default + SSL/TLS ciphers. Forbid SSLv2 and SSLv3, disable + compression by default. + Reported by Jeff Hodges. + [ruby-core:59829] [Bug #9424] + Mon Oct 20 14:41:45 2014 Kazuki Tsujimoto * vm_core.h, vm.c, proc.c: fix GC mark miss on bindings. -- cgit v1.2.3
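Review bot: The added entries appear to name the same file by two different paths: the first entry says ext/openssl/lib/openssl/ssl.rb (DEFAULT_PARAMS) and the third says lib/openssl/ssl.rb. Use one path in both so that a search of the ChangeLog for the file finds the whole history of the change. The DEFAULT_PARAMS entry also leaves open what the resulting defaults are when OpenSSL::SSL::OP_NO_SSLv3 is not defined. Since the third entry promises "Forbid SSLv2 and SSLv3", the first should say whether SSLv3 is still refused in that case or only the remaining options are applied. All three entries carry the identical timestamp Thu Oct 23 18:56:55 2014 under different names, so the original revision dates of 45274, 45278, 45280 and 48097 are not recoverable from the ChangeLog. If that is the backport convention, a revision number per entry would keep them distinguishable.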