Actually merge the CVE-2011-2778 log entry into ChangeLog

author: Nick Mathewson <nickm@torproject.org> 2011-12-15 13:14:50 -0500
committer: Nick Mathewson <nickm@torproject.org> 2011-12-15 13:14:50 -0500
commit: 796563f7f3924fb5f2bed39cd37e1471da657cc4 (patch)
tree: 282eaba2eec8b13052e69aab861805f594503743
parent: 7264e0d880d35a30e539b58b1c3d3745342b59ed (diff)
download: tor-796563f7f3924fb5f2bed39cd37e1471da657cc4.tar.gz
tor-796563f7f3924fb5f2bed39cd37e1471da657cc4.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index e1bc545b9f..98fb411832 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,6 +32,10 @@ Changes in version 0.2.2.35 - 2011-12-16
   longer receive support after some time in early 2011.
 
   o Major bugfixes:
+    - Fix a heap overflow bug that could occur when trying to pull
+      data into the first chunk of a buffer, when that chunk had
+      already had some data drained from it. Fixes CVE-2011-2778;
+      bugfix on 0.2.0.16-alpha. Reported by "Vektor".
     - Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so
       that it doesn't attempt to allocate a socketpair. This could cause
       some problems on Windows systems with overzealous firewalls. Fix for
author	Nick Mathewson <nickm@torproject.org>	2011-12-15 13:14:50 -0500
committer	Nick Mathewson <nickm@torproject.org>	2011-12-15 13:14:50 -0500
commit	796563f7f3924fb5f2bed39cd37e1471da657cc4 (patch)
tree	282eaba2eec8b13052e69aab861805f594503743
parent	7264e0d880d35a30e539b58b1c3d3745342b59ed (diff)
download	tor-796563f7f3924fb5f2bed39cd37e1471da657cc4.tar.gz tor-796563f7f3924fb5f2bed39cd37e1471da657cc4.zip