Handle NULL input to protover_compute_for_old_tor()

Fixes bug 24245; bugfix on 0.2.9.4-alpha. TROVE-2017-010.
author: Nick Mathewson <nickm@torproject.org> 2017-11-11 13:56:35 -0500
committer: Nick Mathewson <nickm@torproject.org> 2017-11-27 15:16:30 -0500
commit: 2c0487ecfb410d1361b114e60d8e9ffd2ed092ec (patch)
tree: f5b573ea8afcdbd7a6ca7a50dc880c8e71bde5db /changes
parent: 9666c620d584b2c715596b415a808941b17cbda0 (diff)
download: tor-2c0487ecfb410d1361b114e60d8e9ffd2ed092ec.tar.gz
tor-2c0487ecfb410d1361b114e60d8e9ffd2ed092ec.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/trove-2017-010 b/changes/trove-2017-010
new file mode 100644
index 0000000000..d5bf9333da
--- /dev/null
+++ b/changes/trove-2017-010
@@ -0,0 +1,6 @@
+  o Major bugfixes (security):
+    - Fix a denial-of-service issue where an attacker could crash
+      a directory authority using a malformed router descriptor.
+      Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked
+      as TROVE-2017-010 and CVE-2017-8820.
+
author	Nick Mathewson <nickm@torproject.org>	2017-11-11 13:56:35 -0500
committer	Nick Mathewson <nickm@torproject.org>	2017-11-27 15:16:30 -0500
commit	2c0487ecfb410d1361b114e60d8e9ffd2ed092ec (patch)
tree	f5b573ea8afcdbd7a6ca7a50dc880c8e71bde5db /changes
parent	9666c620d584b2c715596b415a808941b17cbda0 (diff)
download	tor-2c0487ecfb410d1361b114e60d8e9ffd2ed092ec.tar.gz tor-2c0487ecfb410d1361b114e60d8e9ffd2ed092ec.zip