bug7139 448 B

123456789
  1. o Major bugfixes (security):
  2. - Disable TLS session tickets. OpenSSL's implementation were giving
  3. our TLS session keys the lifetime of our TLS context objects, when
  4. perfect forward secrecy would want us to discard anything that
  5. could decrypt a link connection as soon as the link connection was
  6. closed. Fixes bug 7139; bugfix on all versions of Tor linked
  7. against OpenSSL 1.0.0 or later. Found by "nextgens".