Merge branch 'maint-0.2.5' into maint-0.2.6

author: Nick Mathewson <nickm@torproject.org> 2016-12-20 18:11:25 -0500
committer: Nick Mathewson <nickm@torproject.org> 2016-12-20 18:11:25 -0500
commit: b18bde23cf9c0afc95a83c3bfc7205218add4ddd (patch)
tree: ba5e7e68771c928e10250f75bb6802f0fd777a65 /changes
parent: 3d9f8ff6a5c37e9f124f8111f904b97f095ca621 (diff)
parent: db58d4d16ff156b8827198b2732646c73eb59f14 (diff)
download: tor-b18bde23cf9c0afc95a83c3bfc7205218add4ddd.tar.gz
tor-b18bde23cf9c0afc95a83c3bfc7205218add4ddd.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/changes/bug21018 b/changes/bug21018
new file mode 100644
index 0000000000..49a8b47a25
--- /dev/null
+++ b/changes/bug21018
@@ -0,0 +1,11 @@
+  o Major bugfixes (parsing, security):
+
+    - Fix a bug in parsing that could cause clients to read a single
+      byte past the end of an allocated region. This bug could be
+      used to cause hardened clients (built with
+      --enable-expensive-hardening) to crash if they tried to visit
+      a hostile hidden service.  Non-hardened clients are only
+      affected depending on the details of their platform's memory
+      allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by
+      using libFuzzer. Also tracked as TROVE-2016-12-002 and as
+      CVE-2016-1254.
author	Nick Mathewson <nickm@torproject.org>	2016-12-20 18:11:25 -0500
committer	Nick Mathewson <nickm@torproject.org>	2016-12-20 18:11:25 -0500
commit	b18bde23cf9c0afc95a83c3bfc7205218add4ddd (patch)
tree	ba5e7e68771c928e10250f75bb6802f0fd777a65 /changes
parent	3d9f8ff6a5c37e9f124f8111f904b97f095ca621 (diff)
parent	db58d4d16ff156b8827198b2732646c73eb59f14 (diff)
download	tor-b18bde23cf9c0afc95a83c3bfc7205218add4ddd.tar.gz tor-b18bde23cf9c0afc95a83c3bfc7205218add4ddd.zip