From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 15 Dec 2011 18:14:50 +0000 (-0500)
Subject: Actually merge the CVE-2011-2778 log entry into ChangeLog
X-Git-Tag: tor-0.2.2.35~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=796563f7f3924fb5f2bed39cd37e1471da657cc4;p=thirdparty%2Ftor.git

Actually merge the CVE-2011-2778 log entry into ChangeLog
---

diff --git a/ChangeLog b/ChangeLog
index e1bc545b9f..98fb411832 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,6 +32,10 @@ Changes in version 0.2.2.35 - 2011-12-16
   longer receive support after some time in early 2011.
 
   o Major bugfixes:
+    - Fix a heap overflow bug that could occur when trying to pull
+      data into the first chunk of a buffer, when that chunk had
+      already had some data drained from it. Fixes CVE-2011-2778;
+      bugfix on 0.2.0.16-alpha. Reported by "Vektor".
     - Initialize Libevent with the EVENT_BASE_FLAG_NOLOCK flag enabled, so
       that it doesn't attempt to allocate a socketpair. This could cause
       some problems on Windows systems with overzealous firewalls. Fix for