-
Committer:
Package Import Robot
-
Author(s):
Peter Palfrader
-
Date:
2012-10-26 09:15:09 UTC
-
mfrom:
(1.5.23)
-
Revision ID:
package-import@ubuntu.com-20121026091509-rbdqvhre6j06q958
Tags: 0.2.3.24-rc-1
* New upstream version:
- Fix a group of remotely triggerable assertion failures related to
incorrect link protocol negotiation. Found, diagnosed, and fixed
by "some guy from France". Fix for CVE-2012-2250; bugfix on
0.2.3.6-alpha.
- Fix a denial of service attack by which any directory authority
could crash all the others, or by which a single v2 directory
authority could crash everybody downloading v2 directory
information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
- and more.