aboutsummaryrefslogtreecommitdiffstats
path: root/activesupport/CHANGELOG.md
diff options
context:
space:
mode:
authorRafael Mendonça França <rafaelmfranca@gmail.com>2017-11-25 11:39:37 -0500
committerRafael Mendonça França <rafaelmfranca@gmail.com>2017-11-25 11:39:37 -0500
commit0623b5d19408ef3093bef3597bfcb12cf70a08a3 (patch)
tree9027e49a5e270a5fe61088f3d38adb05854c88ed /activesupport/CHANGELOG.md
parent8c750ffb92a8e5ee5661875c52dbc1a7686fb1bc (diff)
parentfa487763d98ccf9c3e66fdb44f09af5c37a50fe5 (diff)
downloadrails-0623b5d19408ef3093bef3597bfcb12cf70a08a3.tar.gz
rails-0623b5d19408ef3093bef3597bfcb12cf70a08a3.tar.bz2
rails-0623b5d19408ef3093bef3597bfcb12cf70a08a3.zip
Merge pull request #24510 from vipulnsward/make-variable_size_secure_compare-public
Make variable_size_secure_compare public
Diffstat (limited to 'activesupport/CHANGELOG.md')
-rw-r--r--activesupport/CHANGELOG.md8
1 files changed, 8 insertions, 0 deletions
diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md
index 3257c63fd2..b6eb64c1c9 100644
--- a/activesupport/CHANGELOG.md
+++ b/activesupport/CHANGELOG.md
@@ -1,3 +1,11 @@
+* Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`,
+ to make it not leak length information even for variable length string.
+
+ Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`,
+ and started raising `ArgumentError` in case of length mismatch of passed strings.
+
+ *Vipul A M*
+
* Make `ActiveSupport::TimeZone.all` return only time zones that are in
`ActiveSupport::TimeZone::MAPPING`.