[#72745] [Ruby trunk - Misc #11876] [Closed] Scheduled maintenance 2016/01/01 — shibata.hiroshi@...
Issue #11876 has been updated by Hiroshi SHIBATA.
shibata.hiroshi@gmail.com wrote:
[#72824] [Ruby trunk - Bug #11973] IO#advise should raise NotImplementedError on platforms that do not support that call — git@...
Issue #11973 has been updated by Chuck Remes.
[#72954] [Ruby trunk - Feature #12010] [Assigned] Exclude dot and dotdot from Dir#each — naruse@...
Issue #12010 has been reported by Yui NARUSE.
naruse@airemix.jp wrote:
[#73313] [Ruby trunk - Bug #12007] [Open] Newly added Unicode data file doesn't get downloaded — shugo@...
Issue #12007 has been updated by Shugo Maeda.
[#73372] [Ruby trunk - Misc #12004] Code of Conduct — benton@...
Issue #12004 has been updated by Benton Barnett.
On Sun, Jan 24, 2016 at 5:13 PM, <benton@bentonbarnett.com> wrote:
[#73421] [Ruby trunk - Misc #12004] Code of Conduct — nekocat432@...
Issue #12004 has been updated by Ruby Dino.
I’m sorry, but this, like the code of merit, is merely a derailing tactic.
On 2016/01/26 01:32, Austin Ziegler wrote:
On Tue, Jan 26, 2016 at 12:25 AM, Martin J. Dürst <duerst@it.aoyama.ac.jp>
[#73491] [Ruby trunk - Misc #12004] Code of Conduct — git@...
Issue #12004 has been updated by Chuck Remes.
They will never provide any numbers because they are not engineers and they
Coraline is a panelist on Ruby rogues and a very well respected member of
OK, sorry for previous comment. Let's try this way.
On Tue, Jan 26, 2016 at 5:15 PM, Andrew Kirilenko <
[#73558] [Ruby trunk - Misc #12004] Code of Conduct — andrew.kirilenko@...
Issue #12004 has been updated by Andrew Kirilenko.
Andrew, please stop digging. Your hole is only getting deeper.
>Andrew, please stop digging. Your hole is only getting deeper.
[#73586] [Ruby trunk - Misc #12004] Code of Conduct — andrew@...
Issue #12004 has been updated by Andrew Vit.
[#73593] [Ruby trunk - Bug #12034] RegExp does not respect file encoding directive — nobu@...
Issue #12034 has been updated by Nobuyoshi Nakada.
[ruby-core:72766] [Ruby trunk - Bug #11968] [Open] OpenSSL extension only supports weak (512-bit, 1024-bit) Diffie-Hellman groups
Issue #11968 has been reported by Tony Arcieri. ---------------------------------------- Bug #11968: OpenSSL extension only supports weak (512-bit, 1024-bit) Diffie-Hellman groups https://bugs.ruby-lang.org/issues/11968 * Author: Tony Arcieri * Status: Open * Priority: Normal * Assignee: * ruby -v: * Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN ---------------------------------------- The following D-H groups are enabled per default: https://github.com/ruby/ruby/blob/trunk/ext/openssl/lib/openssl/pkey.rb These use 512-bit and 1024-bit primes respectively. These are considered weak in 2015 by all present methods of evaluating D-H group size as a security parameter: http://www.keylength.com/ Weak D-H groups like this were recently implicated in the Logjam attack: https://weakdh.org/ 512-bit D-H keys in particular can be trivially attacked by commodity hardware. I have put in a PR to the openssl gem to remove the 512-bit group: https://github.com/ruby/openssl/pull/44 However, the 1024-bit group is weak as well. The recommendation of the Logjam paper authors is to upgrade to a 2048-bit group at the minimum. -- https://bugs.ruby-lang.org/ Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>