ruby-changes:1794
From: ko1@a...
Date: 27 Aug 2007 19:16:36 +0900
Subject: [ruby-changes:1794] matz - Ruby:r13285 (ruby_1_8): * ext/etc/etc.c (etc_getlogin): update documentation to note
matz 2007-08-27 19:16:25 +0900 (Mon, 27 Aug 2007)
New Revision: 13285
Modified files:
branches/ruby_1_8/ChangeLog
branches/ruby_1_8/ext/etc/etc.c
branches/ruby_1_8/version.h
Log:
* ext/etc/etc.c (etc_getlogin): update documentation to note
security issue. [ruby-Bugs-11821]
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8/ChangeLog?r1=13285&r2=13284
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8/version.h?r1=13285&r2=13284
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8/ext/etc/etc.c?r1=13285&r2=13284
Index: ruby_1_8/ext/etc/etc.c
===================================================================
--- ruby_1_8/ext/etc/etc.c (revision 13284)
+++ ruby_1_8/ext/etc/etc.c (revision 13285)
@@ -35,6 +35,8 @@
char *getlogin();
/* Returns the short user name of the currently logged in user.
+ * Unfortunately, it is often rather easy to fool getlogin().
+ * Avoid getlogin() for security-related purposes.
*
* e.g.
* Etc.getlogin -> 'guest'
Index: ruby_1_8/ChangeLog
===================================================================
--- ruby_1_8/ChangeLog (revision 13284)
+++ ruby_1_8/ChangeLog (revision 13285)
@@ -1,3 +1,8 @@
+Mon Aug 27 19:10:50 2007 Yukihiro Matsumoto <matz@r...>
+
+ * ext/etc/etc.c (etc_getlogin): update documentation to note
+ security issue. [ruby-Bugs-11821]
+
Tue Aug 21 21:09:48 2007 Tanaka Akira <akr@f...>
* lib/tmpdir.rb (Dir.mktmpdir): make directory suffix specifiable.
Index: ruby_1_8/version.h
===================================================================
--- ruby_1_8/version.h (revision 13284)
+++ ruby_1_8/version.h (revision 13285)
@@ -1,7 +1,7 @@
#define RUBY_VERSION "1.8.6"
-#define RUBY_RELEASE_DATE "2007-08-21"
+#define RUBY_RELEASE_DATE "2007-08-27"
#define RUBY_VERSION_CODE 186
-#define RUBY_RELEASE_CODE 20070821
+#define RUBY_RELEASE_CODE 20070827
#define RUBY_PATCHLEVEL 5000
#define RUBY_VERSION_MAJOR 1
@@ -9,7 +9,7 @@
#define RUBY_VERSION_TEENY 6
#define RUBY_RELEASE_YEAR 2007
#define RUBY_RELEASE_MONTH 8
-#define RUBY_RELEASE_DAY 21
+#define RUBY_RELEASE_DAY 27
#ifdef RUBY_EXTERN
RUBY_EXTERN const char ruby_version[];
--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml