diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2018-10-17 17:22:00 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2018-10-17 17:22:00 +0900 |
commit | 1b7e5e49265a88faa30791f8d677ae0a3b4c54f6 (patch) | |
tree | dea95d74597d27882b16ae20a8c5b3fda6056f80 | |
parent | b06dd00c0d7f167ea54d728ba0f4daaa4c0d37dd (diff) | |
download | ruby-openssl-1b7e5e49265a88faa30791f8d677ae0a3b4c54f6.tar.gz |
Ruby/OpenSSL 2.0.9v2.0.9
-rw-r--r-- | History.md | 23 | ||||
-rw-r--r-- | ext/openssl/ossl_version.h | 2 | ||||
-rw-r--r-- | openssl.gemspec | 2 |
3 files changed, 25 insertions, 2 deletions
@@ -1,3 +1,26 @@ +Version 2.0.9 +============= + +Security fixes +-------------- + +* OpenSSL::X509::Name#<=> could incorrectly return 0 (= equal) for non-equal + objects. CVE-2018-16395 is assigned for this issue. + https://hackerone.com/reports/387250 + +Bug fixes +--------- + +* Fixed OpenSSL::PKey::*.{new,generate} immediately aborting if the thread is + interrupted. + [[Bug #14882]](https://bugs.ruby-lang.org/issues/14882) + [[GitHub #205]](https://github.com/ruby/openssl/pull/205) +* Fixed OpenSSL::X509::Name#to_s failing with OpenSSL::X509::NameError if + called against an empty instance. + [[GitHub #200]](https://github.com/ruby/openssl/issues/200) + [[GitHub #211]](https://github.com/ruby/openssl/pull/211) + + Version 2.0.8 ============= diff --git a/ext/openssl/ossl_version.h b/ext/openssl/ossl_version.h index a4b99e80..1ac6b4c6 100644 --- a/ext/openssl/ossl_version.h +++ b/ext/openssl/ossl_version.h @@ -10,6 +10,6 @@ #if !defined(_OSSL_VERSION_H_) #define _OSSL_VERSION_H_ -#define OSSL_VERSION "2.0.8" +#define OSSL_VERSION "2.0.9" #endif /* _OSSL_VERSION_H_ */ diff --git a/openssl.gemspec b/openssl.gemspec index 41444c5a..0d848306 100644 --- a/openssl.gemspec +++ b/openssl.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |spec| spec.name = "openssl" - spec.version = "2.0.8" + spec.version = "2.0.9" spec.authors = ["Martin Bosslet", "SHIBATA Hiroshi", "Zachary Scott", "Kazuki Yamaguchi"] spec.email = ["ruby-core@ruby-lang.org"] spec.summary = %q{OpenSSL provides SSL, TLS and general purpose cryptography.} |