aboutsummaryrefslogtreecommitdiff
path: root/changes/pathsel-BUGGY-a
diff options
context:
space:
mode:
Diffstat (limited to 'changes/pathsel-BUGGY-a')
-rw-r--r--changes/pathsel-BUGGY-a12
1 files changed, 12 insertions, 0 deletions
diff --git a/changes/pathsel-BUGGY-a b/changes/pathsel-BUGGY-a
new file mode 100644
index 0000000000..cad2af5c0d
--- /dev/null
+++ b/changes/pathsel-BUGGY-a
@@ -0,0 +1,12 @@
+ o Security fixes:
+
+ - Try to leak less information about what relays a client is
+ choosing to a side-channel attacker. Previously, a Tor client
+ would stop iterating through the list of available relays as
+ soon as it had chosen one, thus leaking information about which
+ relays it picked for a circuit to a timing attack. (Tor is
+ likely to still leak information about which relays it has
+ chosen for a circuit to other processes on the same computer,
+ through e.g. which cache lines it loads while building the
+ circuit.)
+
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion