Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3

author: Nick Mathewson <nickm@torproject.org> 2012-10-19 00:58:33 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-10-19 00:58:33 -0400
commit: a0e9dc9f55a452d78d9d16b4a2fc7d57dafa0409 (patch)
tree: 1911e3433a3f12f6c42a6a0fa6a573bfdebdf09d /changes
parent: e2549c3b745313d6647c7e1d05025a84e1d33873 (diff)
parent: 8743080a289a20bfaf0a67d6382ba0c2a6d6534d (diff)
download: tor-a0e9dc9f55a452d78d9d16b4a2fc7d57dafa0409.tar.gz
tor-a0e9dc9f55a452d78d9d16b4a2fc7d57dafa0409.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/changes/bug7139 b/changes/bug7139
new file mode 100644
index 0000000000..dfb7d32838
--- /dev/null
+++ b/changes/bug7139
@@ -0,0 +1,9 @@
+  o Major bugfixes (security):
+
+    - Disable TLS session tickets.  OpenSSL's implementation were giving
+      our TLS session keys the lifetime of our TLS context objects, when
+      perfect forward secrecy would want us to discard anything that
+      could decrypt a link connection as soon as the link connection was
+      closed.  Fixes bug 7139; bugfix on all versions of Tor linked
+      against OpenSSL 1.0.0 or later. Found by "nextgens".
+
author	Nick Mathewson <nickm@torproject.org>	2012-10-19 00:58:33 -0400
committer	Nick Mathewson <nickm@torproject.org>	2012-10-19 00:58:33 -0400
commit	a0e9dc9f55a452d78d9d16b4a2fc7d57dafa0409 (patch)
tree	1911e3433a3f12f6c42a6a0fa6a573bfdebdf09d /changes
parent	e2549c3b745313d6647c7e1d05025a84e1d33873 (diff)
parent	8743080a289a20bfaf0a67d6382ba0c2a6d6534d (diff)
download	tor-a0e9dc9f55a452d78d9d16b4a2fc7d57dafa0409.tar.gz tor-a0e9dc9f55a452d78d9d16b4a2fc7d57dafa0409.zip