changes file for TROVE-2018-005

This commit is contained in:
Nick Mathewson 2018-05-22 12:21:00 -04:00
parent 3283619acf
commit e5541996b7

6
changes/TROVE-2018-005 Normal file
View File

@ -0,0 +1,6 @@
o Major bugfixes (security, directory authority, denial-of-service):
- Fix a bug that could have allowed an attacker to force a
directory authority to use up all its RAM by passing it a
maliciously crafted protocol versions string. Fixes bug 25517;
bugfix on 0.2.9.4-alpha. This issue is also tracked as
TROVE-2018-005.