diff options
| author | David Goulet <dgoulet@torproject.org> | 2023-01-12 10:52:35 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2023-01-12 10:52:35 -0500 |
| commit | 14aad1a8bbc5d9f7941f4902626a4d861e4b8b7b (patch) | |
| tree | f268944d94efc15f0596c8650dbb95cc43066131 /changes | |
| parent | e94ba70fcda267c2fe6c71566d4f09889d10f394 (diff) | |
| parent | 7b83e336ec4a1d137d6400f4d501c9a73835e34d (diff) | |
| download | tor-14aad1a8bbc5d9f7941f4902626a4d861e4b8b7b.tar.gz tor-14aad1a8bbc5d9f7941f4902626a4d861e4b8b7b.zip | |
Merge branch 'maint-0.4.5' into release-0.4.5
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/ticket40730 | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/ticket40730 b/changes/ticket40730 new file mode 100644 index 0000000000..f6d4c9de3b --- /dev/null +++ b/changes/ticket40730 @@ -0,0 +1,5 @@ + o Major bugfixes (TROVE-2022-002, client): + - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It + would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is + TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug + 40730; bugfix on 0.3.5.1-alpha. |