Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND

Fix suggested by Nick Mathewson.
author: Robert Ransom <rransom.8774@gmail.com> 2011-10-23 14:27:56 -0700
committer: Sebastian Hahn <sebastian@torproject.org> 2011-10-26 23:20:56 +0200
commit: af12c39d6de5bbcd24915db3c4cc9404f102ac02 (patch)
tree: d54e82419530e0248367fdba1547a7b7d0e0dec9 /changes/issue-2011-10-19L
parent: 638fdedcf16cf7d6f7c586d36f7ef335c1c9714f (diff)
download: tor-af12c39d6de5bbcd24915db3c4cc9404f102ac02.tar.gz
tor-af12c39d6de5bbcd24915db3c4cc9404f102ac02.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/changes/issue-2011-10-19L b/changes/issue-2011-10-19L
index 972823eeea..1fefd7267e 100644
--- a/changes/issue-2011-10-19L
+++ b/changes/issue-2011-10-19L
@@ -10,3 +10,12 @@
       upgrade.  Fixes CVE-2011-2768.  Bugfix on FIXME; found by
       frosty_un.
 
+    - Don't use any OR connection on which we have received a
+      CREATE_FAST cell to satisfy an EXTEND request.  Previously, we
+      would not consider whether a connection appears to be from a
+      client or bridge when deciding whether to use that connection to
+      satisfy an EXTEND request.  Mitigates CVE-2011-2768, by
+      preventing an attacker from determining whether an unpatched
+      client is connected to a patched relay.  Bugfix on FIXME; found
+      by frosty_un.
+
author	Robert Ransom <rransom.8774@gmail.com>	2011-10-23 14:27:56 -0700
committer	Sebastian Hahn <sebastian@torproject.org>	2011-10-26 23:20:56 +0200
commit	af12c39d6de5bbcd24915db3c4cc9404f102ac02 (patch)
tree	d54e82419530e0248367fdba1547a7b7d0e0dec9 /changes/issue-2011-10-19L
parent	638fdedcf16cf7d6f7c586d36f7ef335c1c9714f (diff)
download	tor-af12c39d6de5bbcd24915db3c4cc9404f102ac02.tar.gz tor-af12c39d6de5bbcd24915db3c4cc9404f102ac02.zip