diff options
Diffstat (limited to 'changes/bug7352')
| -rw-r--r-- | changes/bug7352 | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/changes/bug7352 b/changes/bug7352 deleted file mode 100644 index 74a878dbe..000000000 --- a/changes/bug7352 +++ /dev/null @@ -1,12 +0,0 @@ - o Major bugfixes: - - Tor tries to wipe potentially sensitive data after using it, so - that if some subsequent security failure exposes Tor's memory, - the damage will be limited. But we had a bug where the compiler - was eliminating these wipe operations when it decided that the - memory was no longer visible to a (correctly running) program, - hence defeating our attempt at defense in depth. We fix that - by using OpenSSL's OPENSSL_cleanse() operation, which a compiler - is unlikely to optimize away. Future versions of Tor may use - a less ridiculously heavy approach for this. Fixes bug 7352. - Reported in an article by Andrey Karpov. - |