… | |
… | |
2 | |
2 | |
3 | TODO: pack_keys? |
3 | TODO: pack_keys? |
4 | TODO: document encode_cbor_sharing? |
4 | TODO: document encode_cbor_sharing? |
5 | TODO: weaken cyclic structures? |
5 | TODO: weaken cyclic structures? |
6 | TODO: large negative integers |
6 | TODO: large negative integers |
|
|
7 | |
|
|
8 | 1.7 Tue Jun 27 04:02:23 CEST 2017 |
|
|
9 | - SECURITY FIX: fix two bugs found by american fuzzy lop, |
|
|
10 | upgrade is advised if you accept data from untrusted |
|
|
11 | sources. |
|
|
12 | - an out-of bound sharedref or stringref index could cause an |
|
|
13 | out of bounds access - might be exploitable. |
|
|
14 | - a decoding error during indefinite array or hash decoding |
|
|
15 | could cause an endless loop. |
7 | |
16 | |
8 | 1.6 Wed Dec 7 15:13:23 CET 2016 |
17 | 1.6 Wed Dec 7 15:13:23 CET 2016 |
9 | - greatly expand the SECURITY IMPLICATIONS and similar sections. |
18 | - greatly expand the SECURITY IMPLICATIONS and similar sections. |
10 | - new constructor new_safe, to create a secure CBOR::XS object. |
19 | - new constructor new_safe, to create a secure CBOR::XS object. |
11 | - new option forbid_objects, to disallow serialisation. |
20 | - new option forbid_objects, to disallow serialisation. |