Skip to content
Jan 13, 2016

v1.0.0-rc4

Fix variable names in String::compare.
Jan 13, 2016

v0.11.1

Fixing/Improving `String::compare()` algorithm; Security; backported.
The comparison algorithm used before wasn't really resistent against
timing attacks. While a whole iteration was always performed, the
loop's body would perform differently. Once `$result` was `false`,
the right side of the condition was evaluated anymore, thus leading
to an (albeit minimal) shorter execution time.

The affected code is:
```
$result = $result && ($left[$i] === $right[$i]);
```

Refs #1259.
Jan 13, 2016

v1.0.0-rc3

Fixing/Improving `String::compare()` algorithm; Security.
The comparison algorithm used before wasn't really resistent against
timing attacks. While a whole iteration was always performed, the
loop's body would perform differently. Once `$result` was `false`,
the right side of the condition was evaluated anymore, thus leading
to an (albeit minimal) shorter execution time.

The affected code is:
```
$result = $result && ($left[$i] === $right[$i]);
```

Refs #1259.
Sep 5, 2015

v1.0.0-rc2

Fix composer version contraint.
Aug 12, 2015

v1.0.0-rc1

Merge branch 'master' into dev
Aug 28, 2013

1.0-beta

Implementing naive relationship fetching & docs.
Aug 28, 2013

v1.0.0-beta

Implementing naive relationship fetching & docs.
Oct 11, 2012

v0.11.0

Refactoring asset handling in `Media`, implementing support for addin…
…g asset hosts through `Libraries`.
Oct 11, 2012

0.11

Refactoring asset handling in `Media`, implementing support for addin…
…g asset hosts through `Libraries`.
Oct 11, 2012

lithium-0.11

Refactoring asset handling in `Media`, implementing support for addin…
…g asset hosts through `Libraries`.
Something went wrong with that request. Please try again.