ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/CBOR-XS/Changes
(Generate patch)

Comparing CBOR-XS/Changes (file contents):
Revision 1.76 by root, Wed Dec 7 14:14:30 2016 UTC vs.
Revision 1.77 by root, Tue Jun 27 02:03:23 2017 UTC

2 2
3TODO: pack_keys? 3TODO: pack_keys?
4TODO: document encode_cbor_sharing? 4TODO: document encode_cbor_sharing?
5TODO: weaken cyclic structures? 5TODO: weaken cyclic structures?
6TODO: large negative integers 6TODO: large negative integers
7
81.7 Tue Jun 27 04:02:23 CEST 2017
9 - SECURITY FIX: fix two bugs found by american fuzzy lop,
10 upgrade is advised if you accept data from untrusted
11 sources.
12 - an out-of bound sharedref or stringref index could cause an
13 out of bounds access - might be exploitable.
14 - a decoding error during indefinite array or hash decoding
15 could cause an endless loop.
7 16
81.6 Wed Dec 7 15:13:23 CET 2016 171.6 Wed Dec 7 15:13:23 CET 2016
9 - greatly expand the SECURITY IMPLICATIONS and similar sections. 18 - greatly expand the SECURITY IMPLICATIONS and similar sections.
10 - new constructor new_safe, to create a secure CBOR::XS object. 19 - new constructor new_safe, to create a secure CBOR::XS object.
11 - new option forbid_objects, to disallow serialisation. 20 - new option forbid_objects, to disallow serialisation.

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines