diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2018-10-17 17:33:17 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2018-10-17 17:33:17 +0900 |
commit | 1c8eb3065fe0b4555fc99d6f6c56e91f71637483 (patch) | |
tree | 53be8605cb1fe39df9da7ef49ffa387c44e92965 /History.md | |
parent | ce4022d4502fa6896db762403213d3267593446d (diff) | |
parent | 1b7e5e49265a88faa30791f8d677ae0a3b4c54f6 (diff) | |
download | ruby-openssl-1c8eb3065fe0b4555fc99d6f6c56e91f71637483.tar.gz |
Merge branch 'maint-2.0' into maint
* maint-2.0:
Ruby/OpenSSL 2.0.9
needs openssl/opensslv.h
x509name: fix OpenSSL::X509::Name#{cmp,<=>}
Diffstat (limited to 'History.md')
-rw-r--r-- | History.md | 23 |
1 files changed, 23 insertions, 0 deletions
@@ -55,6 +55,29 @@ Notable changes [[GitHub #177]](https://github.com/ruby/openssl/pull/177) +Version 2.0.9 +============= + +Security fixes +-------------- + +* OpenSSL::X509::Name#<=> could incorrectly return 0 (= equal) for non-equal + objects. CVE-2018-16395 is assigned for this issue. + https://hackerone.com/reports/387250 + +Bug fixes +--------- + +* Fixed OpenSSL::PKey::*.{new,generate} immediately aborting if the thread is + interrupted. + [[Bug #14882]](https://bugs.ruby-lang.org/issues/14882) + [[GitHub #205]](https://github.com/ruby/openssl/pull/205) +* Fixed OpenSSL::X509::Name#to_s failing with OpenSSL::X509::NameError if + called against an empty instance. + [[GitHub #200]](https://github.com/ruby/openssl/issues/200) + [[GitHub #211]](https://github.com/ruby/openssl/pull/211) + + Version 2.0.8 ============= |