Merge branch 'buf_sentinel_026_v2' into maint-0.2.8

author: Nick Mathewson <nickm@torproject.org> 2016-10-17 14:51:06 -0400
committer: Nick Mathewson <nickm@torproject.org> 2016-10-17 14:51:06 -0400
commit: 1df114330e6c11865f0283772395ef02359ba5a0 (patch)
tree: 2091d0521d784bcdec813dd0e517e2daa1ff5524 /changes
parent: ab98c4387eadf380f6fe71b8dc1b568704a379ea (diff)
parent: 3cea86eb2fbb65949673eb4ba8ebb695c87a57ce (diff)
download: tor-1df114330e6c11865f0283772395ef02359ba5a0.tar.gz
tor-1df114330e6c11865f0283772395ef02359ba5a0.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/changes/buf-sentinel b/changes/buf-sentinel
new file mode 100644
index 0000000000..7c5b829c19
--- /dev/null
+++ b/changes/buf-sentinel
@@ -0,0 +1,11 @@
+  o Major features (security fixes):
+
+    - Prevent a class of security bugs caused by treating the contents
+      of a buffer chunk as if they were a NUL-terminated string.  At
+      least one such bug seems to be present in all currently used
+      versions of Tor, and would allow an attacker to remotely crash
+      most Tor instances, especially those compiled with extra compiler
+      hardening. With this defense in place, such bugs can't crash Tor,
+      though we should still fix them as they occur. Closes ticket 20384
+      (TROVE-2016-10-001).
+
author	Nick Mathewson <nickm@torproject.org>	2016-10-17 14:51:06 -0400
committer	Nick Mathewson <nickm@torproject.org>	2016-10-17 14:51:06 -0400
commit	1df114330e6c11865f0283772395ef02359ba5a0 (patch)
tree	2091d0521d784bcdec813dd0e517e2daa1ff5524 /changes
parent	ab98c4387eadf380f6fe71b8dc1b568704a379ea (diff)
parent	3cea86eb2fbb65949673eb4ba8ebb695c87a57ce (diff)
download	tor-1df114330e6c11865f0283772395ef02359ba5a0.tar.gz tor-1df114330e6c11865f0283772395ef02359ba5a0.zip