Merge branch 'maint-0.4.4' into release-0.4.4

author: Nick Mathewson <nickm@torproject.org> 2021-06-10 08:42:15 -0400
committer: Nick Mathewson <nickm@torproject.org> 2021-06-10 08:42:15 -0400
commit: 15617f29cb8a067ac399557cc6e72e0a415946da (patch)
tree: 6b9cc10d213c759fad51afbb914fc001dcd328e3 /changes/bug40391
parent: aa4da024ad5aac5630ca957bcc9b521185d12f3f (diff)
parent: 31eaa81f59749ed7e9d4f1bad24225d23eb6f654 (diff)
download: tor-15617f29cb8a067ac399557cc6e72e0a415946da.tar.gz
tor-15617f29cb8a067ac399557cc6e72e0a415946da.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/changes/bug40391 b/changes/bug40391
new file mode 100644
index 0000000000..e3c186275f
--- /dev/null
+++ b/changes/bug40391
@@ -0,0 +1,9 @@
+  o Major bugfixes (security):
+    - Resist a hashtable-based CPU denial-of-service attack against
+      relays. Previously we used a naive unkeyed hash function to look up
+      circuits in a circuitmux object. An attacker could exploit this to
+      construct circuits with chosen circuit IDs in order to try to create
+      collisions and make the hash table inefficient.  Now we use a SipHash
+      construction for this hash table instead. Fixes bug 40391; bugfix on
+      0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005.
+      Reported by Jann Horn from Google's Project Zero.
author	Nick Mathewson <nickm@torproject.org>	2021-06-10 08:42:15 -0400
committer	Nick Mathewson <nickm@torproject.org>	2021-06-10 08:42:15 -0400
commit	15617f29cb8a067ac399557cc6e72e0a415946da (patch)
tree	6b9cc10d213c759fad51afbb914fc001dcd328e3 /changes/bug40391
parent	aa4da024ad5aac5630ca957bcc9b521185d12f3f (diff)
parent	31eaa81f59749ed7e9d4f1bad24225d23eb6f654 (diff)
download	tor-15617f29cb8a067ac399557cc6e72e0a415946da.tar.gz tor-15617f29cb8a067ac399557cc6e72e0a415946da.zip