| blob | 166a5faec6bb6a67649f9d65f6171888e1b4dcea |
1 o Major bugfixes (security):
2 - When checking for replays in the INTRODUCE1 cell data for a (legacy)
3 hiddden service, correctly detect replays in the RSA-encrypted part of
4 the cell. We were previously checking for replays on the entire cell,
5 but those can be circumvented due to the malleability of Tor's legacy
6 hybrid encryption. This fix helps prevent a traffic confirmation
7 attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also
8 tracked as TROVE-2017-009 and CVE-2017-8819.