Ruby Issue Tracking System

02/08/2012

03:10 pm ruby-trunk Bug #5353: TLS v1.0 and less - Attack on CBC mode

Backported to ruby_1_8 and ruby_1_8_7 by r34485 and r34486 respectively.

03:09 pm Backport87 Revision 34486: Backport r34482 from trunk. See #5353

02:57 pm Ruby 1.8 Revision 34485: Backport r34482 from trunk. See #5353

02:48 pm Ruby 1.8 Revision 34483: merge revision(s) 31346,31528:

* ext/openssl/extconf.rb: Should check SSLv2_*method.
openssl compiled with "no-ssl2" the extconf don't fai...

02:30 pm ruby-trunk Bug #5353 (Open): TLS v1.0 and less - Attack on CBC mode

Should have written 'See #5353' not 'See [Bug #5353]'. I don't like machinery autoclosing. :(

02:27 pm ruby-trunk Bug #5353 (Closed): TLS v1.0 and less - Attack on CBC mode

This issue was solved with changeset r34482.
Martin, thank you for reporting this issue.
Your contribution to Ruby is...

02:27 pm ruby-trunk Revision 34482: * ext/openssl/ossl_ssl.c: Add SSL constants and allow to unset SSL

option to prevent BEAST attack. See [Bug #5353].
In OpenSSL, OP_DONT_INSERT_EMPTY_FRAGMENTS is used to prevent
T...

01/24/2012

10:06 am ruby-trunk Bug #5925: Lazy initialization is not thread safe.

=begin
I think the author expected that Hash#replace is thread-safe, and it surely is in CRuby. (see rescue for doub...

01/05/2012

10:48 pm ruby-trunk Bug #5846 (Open): JSON.parse with :object_class causes SEGV

JSON.parse method accepts a :object_class option to specify the class of resulting object other than Hash. But with ...

12/22/2011

07:29 am ruby-trunk Bug #5786: LoadError: cannot load such file -- openssl

On Thu, Dec 22, 2011 at 00:32, Kazuhiro NISHIYAMA <redmine@ruby-lang.org> wrote:
> % git grep -n 'autoload.*openss...