nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 04:13:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

changes file for 33119 aka TROVE-2020-002

Browse Source
This commit is contained in:
Nick Mathewson 2020-02-05 12:02:32 -05:00
parent f160212ee8
commit d0bce65ce2
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
changes/ticket33119 Normal file
View File

@ -0,0 +1,8 @@
o Major bugfixes (security, denial-of-service):
- Fix a denial-of-service bug that could be used by anyone to consume a
bunch of CPU on any Tor relay or authority, or by directories to
consume a bunch of CPU on clients or hidden services. Because
of the potential for CPU consumption to introduce observable
timing patterns, we are treating this as a high-severity security
issue. Fixes bug 33119; bugfix on 0.2.1.5-alpha. We are also tracking
this issue as TROVE-2020-002.