From 64798dab4f4fa9404c92d98cdb10d312b1f6e556 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Mon, 3 Jan 2011 15:54:23 -0500
Subject: Detect and disallow compression bombs

---
 changes/bug2324_uncompress | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changes/bug2324_uncompress

(limited to 'changes')

diff --git a/changes/bug2324_uncompress b/changes/bug2324_uncompress
new file mode 100644
index 0000000000..223a3ce35b
--- /dev/null
+++ b/changes/bug2324_uncompress
@@ -0,0 +1,5 @@
+  o Major bugfixes (security):
+    - Prevent a DoS attack by disallowing any zlib-compressed data
+      whose compression factor is implausibly high.  Fixes the
+      second part of bug2324; found by doors.
+
-- 
cgit v1.2.3-54-g00ecf