[Bps-public-commit] rt-authen-externalauth branch, master, updated. 0.25-6-g1c9dffa

Shawn Moore shawn at bestpractical.com
Thu Jun 15 14:49:35 EDT 2017


The branch, master has been updated
       via  1c9dffaca8be3a3abd3d4281e38a96ea4600457b (commit)
      from  436255c04b4881bb6d8eec9a57b8593033d863a9 (commit)

Summary of changes:
 CHANGES                       | 3 +++
 META.yml                      | 2 +-
 README                        | 3 +++
 lib/RT/Authen/ExternalAuth.pm | 2 +-
 4 files changed, 8 insertions(+), 2 deletions(-)

- Log -----------------------------------------------------------------
commit 1c9dffaca8be3a3abd3d4281e38a96ea4600457b
Author: Shawn M Moore <shawn at bestpractical.com>
Date:   Thu Jun 15 18:43:16 2017 +0000

    0.27 releng

diff --git a/CHANGES b/CHANGES
index 2d82bde..18f1afe 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+0.27 2017-06-15
+ - Fix timing sidechannel vulnerability in password checking (CVE-2017-5361)
+
 0.26 2016-08-02
  - Document and enforce against installing under RT 4.4, as this module's
    features were made part of core
diff --git a/META.yml b/META.yml
index e111f5a..6980db8 100644
--- a/META.yml
+++ b/META.yml
@@ -33,7 +33,7 @@ requires:
 resources:
   license: http://opensource.org/licenses/gpl-license.php
   repository: https://github.com/bestpractical/rt-authen-externalauth
-version: '0.26'
+version: '0.27'
 x_module_install_rtx_version: '0.38'
 x_requires_rt: 4.0.0
 x_rt_too_new: 4.4.0
diff --git a/README b/README
index e27aa4a..a7ef0b2 100644
--- a/README
+++ b/README
@@ -248,3 +248,6 @@ LICENSE AND COPYRIGHT
 
       The GNU General Public License, Version 2, June 1991
 
+  constant_time_eq($a, $b)
+    Taken verbatim from RT 4.4's RT::Util.
+
diff --git a/lib/RT/Authen/ExternalAuth.pm b/lib/RT/Authen/ExternalAuth.pm
index fd58a26..4ab641d 100644
--- a/lib/RT/Authen/ExternalAuth.pm
+++ b/lib/RT/Authen/ExternalAuth.pm
@@ -1,6 +1,6 @@
 package RT::Authen::ExternalAuth;
 
-our $VERSION = '0.26';
+our $VERSION = '0.27';
 
 =head1 NAME
 

-----------------------------------------------------------------------


More information about the Bps-public-commit mailing list