aboutsummaryrefslogtreecommitdiffstats
path: root/railties/lib/rails/version.rb
diff options
context:
space:
mode:
authorCoda Hale <coda.hale@gmail.com>2009-08-13 10:03:08 -0700
committerMichael Koziarski <michael@koziarski.com>2009-09-04 09:25:38 +1200
commit5e6dab8b34152bc48c89032d20e5bda1511e28fb (patch)
treee07e5aaab885d847f4cdf7006b55fb0601d3b676 /railties/lib/rails/version.rb
parentbd97c3044a7b135f5b84f38c3dbdce2ccc793f70 (diff)
downloadrails-5e6dab8b34152bc48c89032d20e5bda1511e28fb.tar.gz
rails-5e6dab8b34152bc48c89032d20e5bda1511e28fb.tar.bz2
rails-5e6dab8b34152bc48c89032d20e5bda1511e28fb.zip
Fix timing attack vulnerability in ActiveSupport::MessageVerifier.
Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC. Signed-off-by: Michael Koziarski <michael@koziarski.com>
Diffstat (limited to 'railties/lib/rails/version.rb')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-06 20:02:32 +0000