Lasse and Paul's attack has a CVE: CVE-2006-0414

svn:r5868

2 files changed, 2 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 48b0e77b96..7a10c0e869 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -35,6 +35,7 @@ Changes in version 0.1.1.11-alpha - 2006-01-10
       dramatically against certain end-point attacks. The EntryNodes
       config option now provides some hints about which entry guards you
       want to use most; and StrictEntryNodes means to only use those.
+      (CVE-2006-0414)
     - New directory logic: download by descriptor digest, not by
       fingerprint. Caches try to download all listed digests from
       authorities; clients try to download "best" digests from caches.
diff --git a/debian/changelog b/debian/changelog
index 30a411664f..89490284e5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -23,7 +23,7 @@ tor (0.1.1.11-alpha-1) experimental; urgency=low
     - Implement "entry guards": automatically choose a handful of entry
       nodes and stick with them for all circuits.  This will increase
       security dramatically against certain end-point attacks
-      (closes: #349283).
+      (closes: #349283, CVE-2006-0414).
   * Forward port patches/07_log_to_file_by_default.
   * Forward port 0.1.0.16 changelog and change to copyright file.