From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 23 Dec 2014 15:55:25 +0000 (-0500)
Subject: whoops; missing changes file for 14013
X-Git-Tag: tor-0.2.6.2-alpha~27^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=184a2dbbdd27f958f5ac290fe030d1fac2959157;p=thirdparty%2Ftor.git

whoops; missing changes file for 14013
---

diff --git a/changes/bug14013 b/changes/bug14013
new file mode 100644
index 0000000000..640cf859f5
--- /dev/null
+++ b/changes/bug14013
@@ -0,0 +1,6 @@
+  o Major bugfixes:
+    - When reading a hexadecimal, base-32, or base-64 encoded value
+      from a string, always overwrite the complete output buffer. This
+      prevents some bugs where we would look at (but fortunately, not
+      reveal) uninitialized memory on the stack. Fixes bug 14013;
+      bugfix on all versions of Tor.