Merge branch 'trove-2017-009_025' into maint-0.2.5

author: Nick Mathewson <nickm@torproject.org> 2017-11-30 12:05:59 -0500
committer: Nick Mathewson <nickm@torproject.org> 2017-11-30 12:05:59 -0500
commit: a6a0c7a4ecc22a744b123a47d466963f6023a11f (patch)
tree: 0031c3ea29b23e203f0fe43b26e2d6f9cf751185 /changes
parent: 831d3b794da65b03be7e4fd107ba209d7211de76 (diff)
parent: 75509dc82778a3bb866dca0fa86ae3e179ad78fa (diff)
download: tor-a6a0c7a4ecc22a744b123a47d466963f6023a11f.tar.gz
tor-a6a0c7a4ecc22a744b123a47d466963f6023a11f.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/changes/trove-2017-009 b/changes/trove-2017-009
new file mode 100644
index 0000000000..166a5faec6
--- /dev/null
+++ b/changes/trove-2017-009
@@ -0,0 +1,10 @@
+  o Major bugfixes (security):
+    - When checking for replays in the INTRODUCE1 cell data for a (legacy)
+      hiddden service, correctly detect replays in the RSA-encrypted part of
+      the cell. We were previously checking for replays on the entire cell,
+      but those can be circumvented due to the malleability of Tor's legacy
+      hybrid encryption. This fix helps prevent a traffic confirmation
+      attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also
+      tracked as TROVE-2017-009 and CVE-2017-8819.
+
+
author	Nick Mathewson <nickm@torproject.org>	2017-11-30 12:05:59 -0500
committer	Nick Mathewson <nickm@torproject.org>	2017-11-30 12:05:59 -0500
commit	a6a0c7a4ecc22a744b123a47d466963f6023a11f (patch)
tree	0031c3ea29b23e203f0fe43b26e2d6f9cf751185 /changes
parent	831d3b794da65b03be7e4fd107ba209d7211de76 (diff)
parent	75509dc82778a3bb866dca0fa86ae3e179ad78fa (diff)
download	tor-a6a0c7a4ecc22a744b123a47d466963f6023a11f.tar.gz tor-a6a0c7a4ecc22a744b123a47d466963f6023a11f.zip