Add a changelog entry

author: Nick Mathewson <nickm@torproject.org> 2010-12-15 22:35:07 -0500
committer: Nick Mathewson <nickm@torproject.org> 2010-12-15 22:35:07 -0500
commit: b0def605a52b3acce1cb212f270b184d72f237f5 (patch)
tree: 82d1a8c3665d45d4129a6a6641822d5612cedf48
parent: b8a7bad7995fceee83e61f2f403685d42d8759ce (diff)
download: tor-b0def605a52b3acce1cb212f270b184d72f237f5.tar.gz
tor-b0def605a52b3acce1cb212f270b184d72f237f5.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/security_bug b/changes/security_bug
new file mode 100644
index 0000000000..990beee506
--- /dev/null
+++ b/changes/security_bug
@@ -0,0 +1,5 @@
+  o Major bugfixes:
+    - Fix a remotely exploitable bug that could be used to crash instances
+      of Tor remotely by overflowing on the heap.  Remove-code execution
+      hasn't been confirmed, but can't be ruled out.  Obviously, everyone
+      should upgrade.  Bugfix on the 0.1.1 series and later.
author	Nick Mathewson <nickm@torproject.org>	2010-12-15 22:35:07 -0500
committer	Nick Mathewson <nickm@torproject.org>	2010-12-15 22:35:07 -0500
commit	b0def605a52b3acce1cb212f270b184d72f237f5 (patch)
tree	82d1a8c3665d45d4129a6a6641822d5612cedf48
parent	b8a7bad7995fceee83e61f2f403685d42d8759ce (diff)
download	tor-b0def605a52b3acce1cb212f270b184d72f237f5.tar.gz tor-b0def605a52b3acce1cb212f270b184d72f237f5.zip