From 890ae4fb1adfa13e37aaf5261e089e8c195a75cf Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 3 Mar 2021 15:14:31 -0500
Subject: Fix detection of point to insert signatures on a pending consensus.

We were looking for the first instance of "directory-signature "
when instead the correct behavior is to look for the first instance
of "directory-signature " at the start of a line.

Unfortunately, this can be exploited as to crash authorities while
they're voting.

Fixes #40316; bugfix on 0.2.2.4-alpha.  This is TROVE-2021-002,
also tracked as CVE-2021-28090.
---
 changes/bug40316 | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changes/bug40316

(limited to 'changes')

diff --git a/changes/bug40316 b/changes/bug40316
new file mode 100644
index 0000000000..cd275b5c9c
--- /dev/null
+++ b/changes/bug40316
@@ -0,0 +1,5 @@
+  o Major bugfixes (security, denial of service):
+    - Fix a bug in appending detached signatures to a pending consensus
+      document that could be used to crash a directory authority.
+      Fixes bug 40316; bugfix on 0.2.2.6-alpha. Tracked as
+      TROVE-2021-002 and CVE-2021-28090.
-- 
cgit v1.2.3-54-g00ecf