diff options
Diffstat (limited to 'changes/hsdir_assignment')
| -rw-r--r-- | changes/hsdir_assignment | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/changes/hsdir_assignment b/changes/hsdir_assignment new file mode 100644 index 0000000000..5c04b9b9bb --- /dev/null +++ b/changes/hsdir_assignment @@ -0,0 +1,8 @@ + o Security fixes: + - Directory authorities now use data collected from rephist when + choosing whether to assign the HSDir flag to relays, instead of + trusting the uptime value the relay reports in its descriptor. + This helps prevent an attack where a small set of nodes with + frequently-changing identity keys can blackhole a hidden service. + (Only authorities need upgrade; others will be fine once they do.) + Bugfix on 0.2.0.10-alpha; fixes bug 2709. |