aboutsummaryrefslogtreecommitdiff
path: root/changes/bug7139
blob: dfb7d32838c624fe39ce656bcc192af289d39c67 (plain)
1
2
3
4
5
6
7
8
9
  o Major bugfixes (security):

    - Disable TLS session tickets.  OpenSSL's implementation were giving
      our TLS session keys the lifetime of our TLS context objects, when
      perfect forward secrecy would want us to discard anything that
      could decrypt a link connection as soon as the link connection was
      closed.  Fixes bug 7139; bugfix on all versions of Tor linked
      against OpenSSL 1.0.0 or later. Found by "nextgens".