Merge branch 'maint-0.2.9' into maint-0.3.1

4 files changed, 20 insertions, 0 deletions

diff --git a/changes/bug25249 b/changes/bug25249
new file mode 100644
index 0000000000..b4153eeaef
--- /dev/null
+++ b/changes/bug25249
@@ -0,0 +1,3 @@
+  o Minor bugfixes (spec conformance):
+    - Forbid "-0" as a protocol version. Fixes part of bug 25249; bugfix on
+      0.2.9.4-alpha.
diff --git a/changes/bug25249.2 b/changes/bug25249.2
new file mode 100644
index 0000000000..9058c11071
--- /dev/null
+++ b/changes/bug25249.2
@@ -0,0 +1,3 @@
+  o Minor bugfixes (spec conformance):
+    - Forbid UINT32_MAX as a protocol version.  Fixes part of bug 25249;
+      bugfix on 0.2.9.4-alpha.
diff --git a/changes/trove-2018-001.1 b/changes/trove-2018-001.1
new file mode 100644
index 0000000000..f0ee92f409
--- /dev/null
+++ b/changes/trove-2018-001.1
@@ -0,0 +1,6 @@
+  o Major bugfixes (denial-of-service, directory authority):
+    - Fix a protocol-list handling bug that could be used to remotely crash
+      directory authorities with a null-pointer exception. Fixes bug 25074;
+      bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-001.
+
+
diff --git a/changes/trove-2018-004 b/changes/trove-2018-004
new file mode 100644
index 0000000000..37e0a89b0d
--- /dev/null
+++ b/changes/trove-2018-004
@@ -0,0 +1,8 @@
+  o Minor bugfixes (denial-of-service):
+    - Fix a possible crash on malformed consensus. If a consensus had
+      contained an unparseable protocol line, it could have made clients
+      and relays crash with a null-pointer exception. To exploit this
+      issue, however, an attacker would need to be able to subvert the
+      directory-authority system. Fixes bug 25251; bugfix on
+      0.2.9.4-alpha. Also tracked as TROVE-2018-004.
+