changes file for TROVE-2018-005

2024-11-10 21:23:58 +01:00 · 2018-05-22 12:21:00 -04:00 · 2018-05-22 12:21:00 -04:00 · d2bc019053
commit d2bc019053
parent bc2d6876b3
1 changed files with 6 additions and 0 deletions
--- a/changes/TROVE-2018-005
+++ b/changes/TROVE-2018-005
@ -0,0 +1,6 @@
+  o Major bugfixes (security, directory authority, denial-of-service):
+    - Fix a bug that could have allowed an attacker to force a
+      directory authority to use up all its RAM by passing it a
+      maliciously crafted protocol versions string. Fixes bug 25517;
+      bugfix on 0.2.9.4-alpha.  This issue is also tracked as
+      TROVE-2018-005.