Merge remote-tracking branch 'origin/maint-0.2.4'

author: Nick Mathewson <nickm@torproject.org> 2014-04-14 18:00:54 -0400
committer: Nick Mathewson <nickm@torproject.org> 2014-04-14 18:00:54 -0400
commit: bc4c966851c16cfe3c92375fba22baf45a111a67 (patch)
tree: 759dc8ef6375e04b5a59f484d3b0ee1977055d59 /changes/bug11464_023
parent: 0820031419efcd39c2fddfa5efebbaa779982620 (diff)
parent: 149931571a4c5ad9ec24eb6d4306e8965a454211 (diff)
download: tor-bc4c966851c16cfe3c92375fba22baf45a111a67.tar
tor-bc4c966851c16cfe3c92375fba22baf45a111a67.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/bug11464_023 b/changes/bug11464_023
new file mode 100644
index 000000000..80c04b21e
--- /dev/null
+++ b/changes/bug11464_023
@@ -0,0 +1,5 @@
+  o Major features (security):
+    - Block authority signing keys that were used on an authorities
+      vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160).
+      (We don't have any evidence that these keys _were_ compromised;
+      we're doing this to be prudent.) Resolves ticket 11464.
author	Nick Mathewson <nickm@torproject.org>	2014-04-14 18:00:54 -0400
committer	Nick Mathewson <nickm@torproject.org>	2014-04-14 18:00:54 -0400
commit	bc4c966851c16cfe3c92375fba22baf45a111a67 (patch)
tree	759dc8ef6375e04b5a59f484d3b0ee1977055d59 /changes/bug11464_023
parent	0820031419efcd39c2fddfa5efebbaa779982620 (diff)
parent	149931571a4c5ad9ec24eb6d4306e8965a454211 (diff)
download	tor-bc4c966851c16cfe3c92375fba22baf45a111a67.tar tor-bc4c966851c16cfe3c92375fba22baf45a111a67.tar.gz