diff options
| author | Nick Mathewson <nickm@torproject.org> | 2018-05-22 12:27:15 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-05-22 12:27:15 -0400 |
| commit | a3a8d80bebdbb8988a2f33dea8b18a41e445c06f (patch) | |
| tree | 9ce3e1b62be136f2b5e886a7013e2f58c58b75b9 /changes | |
| parent | 3d126632430fe60e7ced72bf82cd2c16f297297e (diff) | |
| parent | d2bc019053058b09b5552d327106d9fbe0acad56 (diff) | |
| download | tor-a3a8d80bebdbb8988a2f33dea8b18a41e445c06f.tar.gz tor-a3a8d80bebdbb8988a2f33dea8b18a41e445c06f.zip | |
Merge branch 'trove-2018-005_032' into trove-2018-005_033
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/TROVE-2018-005 | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/TROVE-2018-005 b/changes/TROVE-2018-005 new file mode 100644 index 0000000000..769c653f43 --- /dev/null +++ b/changes/TROVE-2018-005 @@ -0,0 +1,6 @@ + o Major bugfixes (security, directory authority, denial-of-service): + - Fix a bug that could have allowed an attacker to force a + directory authority to use up all its RAM by passing it a + maliciously crafted protocol versions string. Fixes bug 25517; + bugfix on 0.2.9.4-alpha. This issue is also tracked as + TROVE-2018-005. |