site: Initialise st->scratch with SETUP_BUFFER_LEN space.

[secnet] / debian / changelog

diff --git a/debian/changelog b/debian/changelog
index cabe3f9..9c75165 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+secnet (0.3.0~beta3) unstable; urgency=low
+
+  * New upstream version.
+   - Stability bugfix: properly initialise site's scratch buffer.
+
+ --
+
 secnet (0.3.0~beta2) unstable; urgency=low
 
   * New upstream version.
@@ -6,6 +13,7 @@ secnet (0.3.0~beta2) unstable; urgency=low
    - SECURITY FIX: Provide a new transform, eax-serpent, to replace cbcmac.
    - SECURITY FIX: No longer send NAKs for NAKs, avoiding NAK storm.
    - SECURITY FIX: Fix site name checking when site name A is prefix of B.
+   - SECURITY FIX: Safely reject too-short IP packets.
    - Better robustness for mobile sites (proper user of NAKs, new PROD msg).
    - Better robustness against SLIP decoding errors.
    - Fix bugs which caused routes to sometimes not be advertised.