tor/changes/ticket33119
2020-02-05 12:02:32 -05:00

9 lines
517 B
Plaintext

o Major bugfixes (security, denial-of-service):
- Fix a denial-of-service bug that could be used by anyone to consume a
bunch of CPU on any Tor relay or authority, or by directories to
consume a bunch of CPU on clients or hidden services. Because
of the potential for CPU consumption to introduce observable
timing patterns, we are treating this as a high-severity security
issue. Fixes bug 33119; bugfix on 0.2.1.5-alpha. We are also tracking
this issue as TROVE-2020-002.