Merge branch 'maint-0.4.5' into release-0.4.5

author: Nick Mathewson <nickm@torproject.org> 2021-03-15 08:54:00 -0400
committer: Nick Mathewson <nickm@torproject.org> 2021-03-15 08:54:00 -0400
commit: 9c63b3b0c22f67e059d9c9dcb22ce0d8efc0512a (patch)
tree: a97a3d0751b6d93f50aedeba53b1a0cda129d07d /changes
parent: 1fdfa8eeed7f29b1e44f29d0a07e467f6adb062f (diff)
parent: a6533af9e8d90fda13180064e98b49ac3c3cdf86 (diff)
download: tor-9c63b3b0c22f67e059d9c9dcb22ce0d8efc0512a.tar.gz
tor-9c63b3b0c22f67e059d9c9dcb22ce0d8efc0512a.zip
1 files changed, 4 insertions, 3 deletions
diff --git a/changes/ticket40286_minimal b/changes/ticket40286_minimal
index b8669debaa..6a04ca79eb 100644
--- a/changes/ticket40286_minimal
+++ b/changes/ticket40286_minimal
@@ -1,5 +1,6 @@
-  o Major bugfixes (denial of service):
+  o Major bugfixes (security, denial of service):
     - Disable the dump_desc() function that we used to dump unparseable
       information to disk. It was called incorrectly in several places,
-      in a way that could lead to excessive CPU usage.
-      Fixes bug 40286; bugfix on 0.2.2.1-alpha.
+      in a way that could lead to excessive CPU usage.  Fixes bug 40286;
+      bugfix on 0.2.2.1-alpha. This bug is also tracked as
+      TROVE-2021-001 and CVE-2021-28089.
author	Nick Mathewson <nickm@torproject.org>	2021-03-15 08:54:00 -0400
committer	Nick Mathewson <nickm@torproject.org>	2021-03-15 08:54:00 -0400
commit	9c63b3b0c22f67e059d9c9dcb22ce0d8efc0512a (patch)
tree	a97a3d0751b6d93f50aedeba53b1a0cda129d07d /changes
parent	1fdfa8eeed7f29b1e44f29d0a07e467f6adb062f (diff)
parent	a6533af9e8d90fda13180064e98b49ac3c3cdf86 (diff)
download	tor-9c63b3b0c22f67e059d9c9dcb22ce0d8efc0512a.tar.gz tor-9c63b3b0c22f67e059d9c9dcb22ce0d8efc0512a.zip