make the description of tolen_asserts more dire

author Nick Mathewson <nickm@torproject.org>

Sat, 15 Jan 2011 15:54:58 +0000 (10:54 -0500)

committer Nick Mathewson <nickm@torproject.org>

Sat, 15 Jan 2011 16:49:26 +0000 (11:49 -0500)
author Nick Mathewson <nickm@torproject.org>
Sat, 15 Jan 2011 15:54:58 +0000 (10:54 -0500)
committer Nick Mathewson <nickm@torproject.org>
Sat, 15 Jan 2011 16:49:26 +0000 (11:49 -0500)
diff --git a/changes/tolen_asserts b/changes/tolen_asserts

index 90cdb2d75e7b8097143f7aeb21119dbc6c764c65..a9834ab669d03268b40eb7cffeaf0cd73d23129d 100644 (file)
--- a/changes/tolen_asserts
+++ b/changes/tolen_asserts
@@ -1,9 +1,8 @@
    o Major bugfixes (security)
      - Fix a heap overflow bug where an adversary could cause heap
-      corruption.  Since the contents of the corruption would need to be
-      the output of an RSA decryption, we do not think this is easy to
-      turn in to a remote code execution attack, but everybody should
-      upgrade anyway.  Found by debuger.  Bugfix on 0.1.2.10-rc.
+      corruption.  This bug potentially allows remote code execution
+      attacks.  Found by debuger.  Fixes CVE-2011-0427.  Bugfix on
+      0.1.2.10-rc.
    o Defensive programming
      - Introduce output size checks on all of our decryption functions.
author	Nick Mathewson <nickm@torproject.org>
	Sat, 15 Jan 2011 15:54:58 +0000 (10:54 -0500)
committer	Nick Mathewson <nickm@torproject.org>
	Sat, 15 Jan 2011 16:49:26 +0000 (11:49 -0500)