diff --git a/ChangeLog b/ChangeLog
index 039cf5e162..50b3b4450e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,9 @@ Changes in version 0.2.1.20 - 2009-??-??
       patch. Bugfix on the 54th commit on Tor -- from July 2002,
       before the release of Tor 0.0.0. This is the new winner of the
       oldest-bug prize.
+    - Fix a remotely triggerable memory leak when a consensus document
+      contains more than one signature from the same voter. Bugfix on
+      0.2.0.3-alpha.
 
   o New directory authorities:
     - Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 97dd20f4e3..189458ee1e 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -2509,6 +2509,14 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
     } else {
       if (tok->object_size >= INT_MAX)
         goto err;
+      /* We already parsed a vote from this voter. Use the first one. */
+      if (v->signature) {
+        log_fn(LOG_PROTOCOL_WARN, LD_DIR, "We received a networkstatus "
+                   "that contains two votes from the same voter. Ignoring "
+                   "the second vote.");
+        continue;
+      }
+
       v->signature = tor_memdup(tok->object_body, tok->object_size);
       v->signature_len = (int) tok->object_size;
     }