diff options
| author | Roger Dingledine <arma@mit.edu> | 2009-06-12 11:18:02 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2009-06-12 11:22:54 -0400 |
| commit | 845326317d9c468012ac99fab6e78575a807ed4f (patch) | |
| tree | 2252411ecce56cc30590706a80920f5c8ad003d1 /ChangeLog | |
| parent | c50098ffc546bc0875daf9139bea64d09ad49fc0 (diff) | |
| download | tor-845326317d9c468012ac99fab6e78575a807ed4f.tar tor-845326317d9c468012ac99fab6e78575a807ed4f.tar.gz | |
Check answer_len in the remap_addr case of process_relay_cell_not_open.
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -1,4 +1,9 @@ Changes in version 0.2.1.16-?? - 2009-??-?? + o Security fixes: + - Fix an edge case where a malicious exit relay could convince a + controller that the client's DNS question resolves to an internal IP + address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta. + o Major performance improvements (on 0.2.0.x): - Disable and refactor some debugging checks that forced a linear scan over the whole server-side DNS cache. These accounted for over 50% |