Lasse and Paul's attack has a CVE: CVE-2006-0414

svn:r5868

ChangeLog

@@ -35,6 +35,7 @@ Changes in version 0.1.1.11-alpha - 2006-01-10
       dramatically against certain end-point attacks. The EntryNodes
       config option now provides some hints about which entry guards you
       want to use most; and StrictEntryNodes means to only use those.
+      (CVE-2006-0414)
     - New directory logic: download by descriptor digest, not by
       fingerprint. Caches try to download all listed digests from
       authorities; clients try to download "best" digests from caches.

debian/changelog

@@ -23,7 +23,7 @@ tor (0.1.1.11-alpha-1) experimental; urgency=low
     - Implement "entry guards": automatically choose a handful of entry
       nodes and stick with them for all circuits.  This will increase
       security dramatically against certain end-point attacks
-      (closes: #349283).
+      (closes: #349283, CVE-2006-0414).
   * Forward port patches/07_log_to_file_by_default.
   * Forward port 0.1.0.16 changelog and change to copyright file.