From 09c7793b23ae77c54e25d12b63d8ca9c9232efeb Mon Sep 17 00:00:00 2001
From: Derek Jones
Date: Tue, 31 Aug 2010 13:17:10 -0500
Subject: Significant changes to the Encryption library
- Removed double-encoding with XOR scheme when Mcrypt is available. Additional obfuscation was not significantly aiding security, and came at a very high performance cost.
- Changed the default encryption mode from ECB to CBC for much improved security
- Added an encode_from_legacy() method to allow re-encoding of permanent data that was originally encoded with the older methods.
---
user_guide/changelog.html | 4 ++++
1 file changed, 4 insertions(+)
(limited to 'user_guide/changelog.html')
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index d9c17ab76..c42bde01e 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -100,6 +100,10 @@ Hg Tag:
Added a second parameter (boolean) to $this->zip->read_dir('/path/to/directory', FALSE) to remove the preceding trail of empty folders when creating a Zip archive. This example would contain a zip with "directory" and all of its contents.
Added ability in the Image Library to handle PNG transparency for resize operations when using the GD lib.
Modified the Session class to prevent use if no encryption key is set in the config file.
+ Improved performance of the Encryption library on servers where Mcrypt is available.
+ Changed the default encryption mode in the Encryption library to CBC.
+ Added an encode_from_legacy() method to provide a way to transition encrypted data from CodeIgniter 1.x to CodeIgniter 2.x.
+ Please see the upgrade instructions for details.
Database
--
cgit v1.2.3-24-g4f1b