shift the categories around a bit

2012-10-20 13:54:36 -04:00 · 2012-10-20 13:54:36 -04:00 · 922fb087f9
parent abfaf217fb
commit 922fb087f9
1 changed files with 3 additions and 3 deletions
--- a/6
+++ b/6
@ -7,19 +7,19 @@ Changes in version 0.2.3.23-rc - 2012-10-20
    - Add Faravahar (run by Sina Rabbani) as the ninth v3 directory
      authority. Closes ticket 5749.

-  o Major bugfixes (security):
+  o Major bugfixes (security/privacy):
    - Disable TLS session tickets. OpenSSL's implementation was giving
      our TLS session keys the lifetime of our TLS context objects, when
      perfect forward secrecy would want us to discard anything that
      could decrypt a link connection as soon as the link connection
      was closed. Fixes bug 7139; bugfix on all versions of Tor linked
      against OpenSSL 1.0.0 or later. Found by Florent Daignière.
-
-  o Major bugfixes:
    - Discard extraneous renegotiation attempts once the V3 link
      protocol has been initiated. Failure to do so left us open to
      a remotely triggerable assertion failure. Fixes CVE-2012-2249;
      bugfix on 0.2.3.6-alpha. Reported by "some guy from France".
+
+  o Major bugfixes:
    - Fix a possible crash bug when checking for deactivated circuits
      in connection_or_flush_from_first_active_circuit(). Fixes bug 6341;
      bugfix on 0.2.2.7-alpha. Bug report and fix received pseudonymously.