Merge branch 'maint-2.0' into maint

* maint-2.0: Ruby/OpenSSL 2.0.9 needs openssl/opensslv.h x509name: fix OpenSSL::X509::Name#{cmp,<=>}
author: Kazuki Yamaguchi <k@rhe.jp> 2018-10-17 17:33:17 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2018-10-17 17:33:17 +0900
commit: 1c8eb3065fe0b4555fc99d6f6c56e91f71637483 (patch)
tree: 53be8605cb1fe39df9da7ef49ffa387c44e92965 /History.md
parent: ce4022d4502fa6896db762403213d3267593446d (diff)
parent: 1b7e5e49265a88faa30791f8d677ae0a3b4c54f6 (diff)
download: ruby-openssl-1c8eb3065fe0b4555fc99d6f6c56e91f71637483.tar.gz
1 files changed, 23 insertions, 0 deletions
diff --git a/History.md b/History.md
index e2399f4c..f3b37cbc 100644
--- a/History.md
+++ b/History.md
@@ -55,6 +55,29 @@ Notable changes
   [[GitHub #177]](https://github.com/ruby/openssl/pull/177)
 
 
+Version 2.0.9
+=============
+
+Security fixes
+--------------
+
+* OpenSSL::X509::Name#<=> could incorrectly return 0 (= equal) for non-equal
+  objects. CVE-2018-16395 is assigned for this issue.
+  https://hackerone.com/reports/387250
+
+Bug fixes
+---------
+
+* Fixed OpenSSL::PKey::*.{new,generate} immediately aborting if the thread is
+  interrupted.
+  [[Bug #14882]](https://bugs.ruby-lang.org/issues/14882)
+  [[GitHub #205]](https://github.com/ruby/openssl/pull/205)
+* Fixed OpenSSL::X509::Name#to_s failing with OpenSSL::X509::NameError if
+  called against an empty instance.
+  [[GitHub #200]](https://github.com/ruby/openssl/issues/200)
+  [[GitHub #211]](https://github.com/ruby/openssl/pull/211)
+
+
 Version 2.0.8
 =============
author	Kazuki Yamaguchi <k@rhe.jp>	2018-10-17 17:33:17 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2018-10-17 17:33:17 +0900
commit	1c8eb3065fe0b4555fc99d6f6c56e91f71637483 (patch)
tree	53be8605cb1fe39df9da7ef49ffa387c44e92965 /History.md
parent	ce4022d4502fa6896db762403213d3267593446d (diff)
parent	1b7e5e49265a88faa30791f8d677ae0a3b4c54f6 (diff)
download	ruby-openssl-1c8eb3065fe0b4555fc99d6f6c56e91f71637483.tar.gz