[tor-commits] [tor/release-0.2.5] whoops; missing changes file for 14013
nickm at torproject.org
nickm at torproject.org
Mon Mar 9 17:37:06 UTC 2015
commit 184a2dbbdd27f958f5ac290fe030d1fac2959157
Author: Nick Mathewson <nickm at torproject.org>
Date: Tue Dec 23 10:55:25 2014 -0500
whoops; missing changes file for 14013
---
changes/bug14013 | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/changes/bug14013 b/changes/bug14013
new file mode 100644
index 0000000..640cf85
--- /dev/null
+++ b/changes/bug14013
@@ -0,0 +1,6 @@
+ o Major bugfixes:
+ - When reading a hexadecimal, base-32, or base-64 encoded value
+ from a string, always overwrite the complete output buffer. This
+ prevents some bugs where we would look at (but fortunately, not
+ reveal) uninitialized memory on the stack. Fixes bug 14013;
+ bugfix on all versions of Tor.
More information about the tor-commits
mailing list