[tor-commits] [tor/master] add bug number and explanation to changes/bug2385; call it a feature

nickm at torproject.org nickm at torproject.org
Mon Jun 25 16:08:58 UTC 2012


commit dcb1d0a67baa35b9645b19f2cf44f8ba3d0b30d1
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Jun 18 13:20:02 2012 -0400

    add bug number and explanation to changes/bug2385; call it a feature
---
 changes/bug2385 |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/changes/bug2385 b/changes/bug2385
index e7151f4..5d571d9 100644
--- a/changes/bug2385
+++ b/changes/bug2385
@@ -1,5 +1,9 @@
- o Minor bugfixes:
-   - Clear keys and key-derived material left on the stack in rendservice.c
-     and rendclient.c
+ o Minor features (security):
+   - Clear keys and key-derived material left on the stack in
+     rendservice.c and rendclient.c. This should make us more
+     forward-secure against cold-boot attacks and the like. Fix for
+     bug 2385.
+
    - Check return value of crypto_pk_write_private_key_to_string() in
-     end_service_load_keys()
+     end_service_load_keys(). This should make us more forward-secure
+     against cold-boot attacks and the like. Fix for bug 2385.





More information about the tor-commits mailing list