Merge remote-tracking branch 'origin/maint-0.2.3'

author: Nick Mathewson <nickm@torproject.org> 2012-08-09 10:52:45 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-08-09 10:52:45 -0400
commit: 0b21170085c2e868ac90f7771392681b5dfb0ad2 (patch)
tree: d958ba4882dca949d51778ca5afe766176d645fd /changes
parent: 0ea3a3a7a60c92726ffd1795a76666adada9f866 (diff)
parent: 91b52a259a271df7ceeea6d8bf7adbd4d7e15a6c (diff)
download: tor-0b21170085c2e868ac90f7771392681b5dfb0ad2.tar
tor-0b21170085c2e868ac90f7771392681b5dfb0ad2.tar.gz
1 files changed, 11 insertions, 0 deletions
diff --git a/changes/bug6252_again b/changes/bug6252_again
new file mode 100644
index 000000000..f7fd00cb3
--- /dev/null
+++ b/changes/bug6252_again
@@ -0,0 +1,11 @@
+  o Security fixes:
+    - Tear down the circuit if we get an unexpected SENDME cell. Clients
+      could use this trick to make their circuits receive cells faster
+      than our flow control would have allowed, or to gum up the network,
+      or possibly to do targeted memory denial-of-service attacks on
+      entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor --
+      from July 2002, before the release of Tor 0.0.0.  We had committed
+      this patch previously, but we had to revert it because of bug 6271.
+      Now that 6271 is fixed, this appears to work.
+
+
author	Nick Mathewson <nickm@torproject.org>	2012-08-09 10:52:45 -0400
committer	Nick Mathewson <nickm@torproject.org>	2012-08-09 10:52:45 -0400
commit	0b21170085c2e868ac90f7771392681b5dfb0ad2 (patch)
tree	d958ba4882dca949d51778ca5afe766176d645fd /changes
parent	0ea3a3a7a60c92726ffd1795a76666adada9f866 (diff)
parent	91b52a259a271df7ceeea6d8bf7adbd4d7e15a6c (diff)
download	tor-0b21170085c2e868ac90f7771392681b5dfb0ad2.tar tor-0b21170085c2e868ac90f7771392681b5dfb0ad2.tar.gz