| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-10-25 | Fold in changelog item; draft blurb for 0.2.4.5-alpha | Nick Mathewson | |
| 2012-10-23 | Fix a remotely triggerable assertion failure (CVE-2012-2250) | Nick Mathewson | |
| If we completed the handshake for the v2 link protocol but wound up negotiating the wong protocol version, we'd become so confused about what part of the handshake we were in that we'd promptly die with an assertion. This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha. All servers running that version or later should really upgrade. Bug and fix from "some guy from France." I tweaked his code slightly to make it log the IP of the offending node, and to forward-port it to 0.2.4. | |||
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| aboutsummaryrefslogtreecommitdiff |