changes file for 33119 aka TROVE-2020-002

This commit is contained in:
Nick Mathewson 2020-02-05 12:02:32 -05:00
parent f160212ee8
commit d0bce65ce2

8
changes/ticket33119 Normal file
View File

@ -0,0 +1,8 @@
o Major bugfixes (security, denial-of-service):
- Fix a denial-of-service bug that could be used by anyone to consume a
bunch of CPU on any Tor relay or authority, or by directories to
consume a bunch of CPU on clients or hidden services. Because
of the potential for CPU consumption to introduce observable
timing patterns, we are treating this as a high-severity security
issue. Fixes bug 33119; bugfix on 0.2.1.5-alpha. We are also tracking
this issue as TROVE-2020-002.