diff options
author | Nick Mathewson <nickm@torproject.org> | 2011-12-15 13:14:50 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-12-15 13:14:50 -0500 |
commit | 796563f7f3924fb5f2bed39cd37e1471da657cc4 (patch) | |
tree | 282eaba2eec8b13052e69aab861805f594503743 | |
parent | 7264e0d880d35a30e539b58b1c3d3745342b59ed (diff) | |
download | tor-796563f7f3924fb5f2bed39cd37e1471da657cc4.tar.gz tor-796563f7f3924fb5f2bed39cd37e1471da657cc4.zip |
Actually merge the CVE-2011-2778 log entry into ChangeLog
-rw-r--r-- | ChangeLog | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -32,6 +32,10 @@ Changes in version 0.2.2.35 - 2011-12-16 longer receive support after some time in early 2011. o Major bugfixes: + - Fix a heap overflow bug that could occur when trying to pull + data into the first chunk of a buffer, when that chunk had + already had some data drained from it. Fixes CVE-2011-2778; + bugfix on 0.2.0.16-alpha. Reported by "Vektor". - Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so that it doesn't attempt to allocate a socketpair. This could cause some problems on Windows systems with overzealous firewalls. Fix for |