diff options
Diffstat (limited to 'changes/pathsel-BUGGY-a')
| -rw-r--r-- | changes/pathsel-BUGGY-a | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/changes/pathsel-BUGGY-a b/changes/pathsel-BUGGY-a new file mode 100644 index 0000000000..2e642c7953 --- /dev/null +++ b/changes/pathsel-BUGGY-a @@ -0,0 +1,14 @@ + o Security fixes: + + - Try to leak less information about what relays a client is + choosing to a side-channel attacker. Previously, a Tor client + would stop iterating through the list of available relays as + soon as it had chosen one, thus finishing a little earlier + when it picked a router earlier in the list. If an attacker + can recover this timing information (nontrivial but not + proven to be impossible), they could learn some coarse- + grained information about which relays a client was picking + (middle nodes in particular are likelier to be affected than + exits). The timing attack might be mitigated by other factors + (see bug #6537 for some discussion), but it's best not to + take chances. Fixes bug 6537; bugfix on 0.0.8rc1. |