Diffstat (limited to 'changes/bug4312')
-rw-r--r-- | changes/bug4312 | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/changes/bug4312 b/changes/bug4312 new file mode 100644 index 000000000..f8647d3c7 --- /dev/null +++ b/changes/bug4312 @@ -0,0 +1,11 @@ + o Security fixes: + + - Block excess renegotiations even if they are RFC5746 compliant. + This mitigates potential SSL Denial of Service attacks that use + SSL renegotiation as a way of forcing the server to perform + unneeded computationally expensive SSL handshakes. Implements + #4312. + + - Fix a bug where tor would not notice excess renegotiation + attempts before it received the first data SSL record. Fixes + part of #4312. |
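Review bot: The second entry ("Fix a bug where tor would not notice excess renegotiation attempts before it received the first data SSL record") ends with "Fixes part of #4312." but does not say which release introduced the bug, so a changelog reader cannot tell which versions are affected. Consider adding that after the ticket reference. In the first entry, "excess renegotiations" is left undefined: stating what counts as excess and what the server does with the connection once the limit is hit would let operators recognise the behaviour when they see it. The first entry also sits under "Security fixes" yet closes with "Implements #4312" while the second says "Fixes part of #4312"; a short clause on which part each entry covers would make the split clear. Minor: "tor" in the second entry should probably be capitalised.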