10 lines
448 B
Plaintext
10 lines
448 B
Plaintext
o Major bugfixes (security):
|
|
|
|
- Disable TLS session tickets. OpenSSL's implementation were giving
|
|
our TLS session keys the lifetime of our TLS context objects, when
|
|
perfect forward secrecy would want us to discard anything that
|
|
could decrypt a link connection as soon as the link connection was
|
|
closed. Fixes bug 7139; bugfix on all versions of Tor linked
|
|
against OpenSSL 1.0.0 or later. Found by "nextgens".
|
|
|