From a8a33dcd98577b2cae5f38ce39b7a9d27f028a35 Mon Sep 17 00:00:00 2001
From: akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Fri, 8 Aug 2008 01:58:40 +0000
Subject: * lib/resolv.rb: randomize source port and transaction id.  
 CVE-2008-1447.

* lib/resolv-replace.rb (UDPSocket#bind): don't resolv host if host is
  "".


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@18424 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 04201a7954..96320cbddd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+Fri Aug  8 10:53:52 2008  Tanaka Akira  <akr@fsij.org>
+
+	* lib/resolv.rb: randomize source port and transaction id.
+	  CVE-2008-1447.
+
+	* lib/resolv-replace.rb (UDPSocket#bind): don't resolv host if host is
+	  "".
+
 Mon Aug  4 14:49:35 2008  URABE Shyouhei  <shyouhei@ruby-lang.org>
 
 	* lib/net/smtp.rb (Net::SMTP::rcptto): fix a typo. a patch from
-- 
cgit v1.2.3