From 119896cd43f420a053c552afe390f6d66224b3b7 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 13 Mar 2014 10:07:10 -0400
Subject: Fix some leaks/missed checks in the unit tests

Coverity spotted these.
---
 ChangeLog | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 8002e4e04..3968337ec 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,19 @@
 Changes in version 0.2.5.3-alpha - 2014-03-??
 
-  o Major features:
+  o Major features (security, DoS-resistance):
     - Also consider stream buffer sizes when calculating OOM
       conditions. Rename MaxMemInCellQueues to MaxMemInQueues. Fixes
       bug 10169.
+    - Avoid hash-flooding denial-of-service attacks by using the secure
+      SipHash-2-4 hash function for our hashtables.  Without this
+      feature, an attacker could degrade performance of a targeted
+      client or server by flooding their data structures with a large
+      number of data entries all calculated to be stored at the same
+      hash table position, thereby degrading hash table
+      performance. With this feature, hash table positions are derived
+      from a randomized cryptographic key using SipHash-2-4, and an
+      attacker cannot predict which entries will collide.
+      Closes ticket 4900.
 
   o Minor features:
     - Bridges write the SHA1 digest of their identity key fingerprint to
@@ -23,16 +33,6 @@ Changes in version 0.2.5.3-alpha - 2014-03-??
       database.
     - Decrease the lower limit of MaxMemInQueues to 256 MBytes, to
       appease raspberry pi users. Fixes bug 9686.
-    - Avoid hash-flooding denial-of-service attacks by using the secure
-      SipHash-2-4 hash function for our hashtables.  Without this
-      feature, an attacker could degrade performance of a targeted
-      client or server by flooding their data structures with a large
-      number of data entries all calculated to be stored at the same
-      hash table position, thereby degrading hash table
-      performance. With this feature, hash table positions are derived
-      from a randomized cryptographic key using SipHash-2-4, and an
-      attacker cannot predict which entries will collide.
-      Closes ticket 4900.
     - Made PREDICTED_CIRCS_RELEVANCE_TIME configurable from config
       file with a new option, PredictedPortsRelevanceTime. Implements
       ticket #9176. Patch by unixninja92.
-- 
cgit v1.2.3