From 2c0487ecfb410d1361b114e60d8e9ffd2ed092ec Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sat, 11 Nov 2017 13:56:35 -0500
Subject: Handle NULL input to protover_compute_for_old_tor()

Fixes bug 24245; bugfix on 0.2.9.4-alpha. TROVE-2017-010.
---
 changes/trove-2017-010 | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 changes/trove-2017-010

(limited to 'changes')

diff --git a/changes/trove-2017-010 b/changes/trove-2017-010
new file mode 100644
index 0000000000..d5bf9333da
--- /dev/null
+++ b/changes/trove-2017-010
@@ -0,0 +1,6 @@
+  o Major bugfixes (security):
+    - Fix a denial-of-service issue where an attacker could crash
+      a directory authority using a malformed router descriptor.
+      Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked
+      as TROVE-2017-010 and CVE-2017-8820.
+
-- 
cgit v1.2.3-54-g00ecf