diff options
Diffstat (limited to 'changes/bug40391')
| -rw-r--r-- | changes/bug40391 | 9 |
1 files changed, 0 insertions, 9 deletions
diff --git a/changes/bug40391 b/changes/bug40391 deleted file mode 100644 index e3c186275f..0000000000 --- a/changes/bug40391 +++ /dev/null @@ -1,9 +0,0 @@ - o Major bugfixes (security): - - Resist a hashtable-based CPU denial-of-service attack against - relays. Previously we used a naive unkeyed hash function to look up - circuits in a circuitmux object. An attacker could exploit this to - construct circuits with chosen circuit IDs in order to try to create - collisions and make the hash table inefficient. Now we use a SipHash - construction for this hash table instead. Fixes bug 40391; bugfix on - 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005. - Reported by Jann Horn from Google's Project Zero. |