author | Nick Mathewson <nickm@torproject.org> | 2016-10-17 14:51:45 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-10-17 14:51:45 -0400 |
commit | 1a7488106326d2327fc24f32b13979b7029b813b (patch) | |
tree | 196d2dd54c0e9c68649b1c819a2042d1faa46fc5 /changes | |
parent | eae0c00ddaa8ee29c345b08773db28dd29005e42 (diff) | |
parent | 1df114330e6c11865f0283772395ef02359ba5a0 (diff) | |
Merge branch 'maint-0.2.8'
Diffstat (limited to 'changes')
-rw-r--r-- | changes/buf-sentinel | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/changes/buf-sentinel b/changes/buf-sentinel new file mode 100644 index 0000000000..7c5b829c19 --- /dev/null +++ b/changes/buf-sentinel @@ -0,0 +1,11 @@ + o Major features (security fixes): + + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket 20384 + (TROVE-2016-10-001). + |
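Review bot: the entry under "Major features (security fixes)" refers to "this defense" without ever saying what the defense is; only the file name buf-sentinel hints at it. Someone reading the assembled changelog sees the entry text, not the file name, so add a clause after "NUL-terminated string" stating what is now done to the buffer chunk. The sentence "At least one such bug seems to be present in all currently used versions of Tor" would also be easier to act on if it named the earliest affected version, where that is known.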