mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
9 lines
533 B
Plaintext
9 lines
533 B
Plaintext
|
o Major bugfixes (security, defense-in-depth):
|
||
|
- Detect a wider variety of failure conditions from the OpenSSL RNG
|
||
|
code. Previously, we would detect errors from a missing RNG
|
||
|
implementation, but not failures from the RNG code itself.
|
||
|
Fortunately, it appears those failures do not happen in practice
|
||
|
when Tor is using OpenSSL's default RNG implementation.
|
||
|
Fixes bug 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
|
||
|
TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
|