Changeset: Changeset [674f780d59a5a7ec0301755d43a7b277a3ad2978] by Michael Koziarski - Ruby on Rails

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

This project is archived and is in readonly mode.

Changeset [674f780d59a5a7ec0301755d43a7b277a3ad2978] by Michael Koziarski

August 23rd, 2009 @ 06:26 AM

Fix timing attack vulnerability in the Cookie Store

Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC
http://github.com/rails/rails/commit/674f780d59a5a7ec0301755d43a7b2...

Committed by Michael Koziarski

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>