commit bca8bf62c6683374321cd2a306b6455e441661b9 Author: Roger Dingledine <arma@torproject.org> Date: Sun Mar 25 23:09:23 2012 -0400 explain that bug 5090 allows a post-auth heap overflow resolves bug 5402. --- ChangeLog | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5de4d63..a6dc608 100644 --- a/ChangeLog +++ b/ChangeLog @@ -43,8 +43,11 @@ Changes in version 0.2.3.13-alpha - 2012-03-1? - Detect and reject certain misformed escape sequences in configuration values. Previously, these values would cause us to crash if received in a torrc file or over an (authenticated) - control port. Bug found by Esteban Manchado Velázquez. Patch by - "flupzor". Fixes bug 5090; bugfix on 0.2.0.16-alpha. + control port. Bug found by Esteban Manchado Velázquez, and + independently by Robert Connolly from Matta Consulting who further + noted that it allows a post-authentication heap overflow. Patch + by "flupzor". Fixes bugs 5090 and 5402 (CVE 2012-1668); bugfix + on 0.2.0.16-alpha. - Ensure that variables set in Tor's environment cannot override environment variables which Tor tries to pass to a managed pluggable-transport proxy. Previously, Tor would pass every