diff --git a/ChangeLog b/ChangeLog
index 224b08e99d..24b0cc6d1a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Changes in version 0.2.1.25 - 2010-??-??
+  o Major bugfixes:
+    - When freeing a cipher, zero it out completely. We only zeroed
+      the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered
+      and patched by ekir. Fixes bug 1254.
+
 Changes in version 0.2.1.24 - 2010-02-21
   Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time
   for sure!
diff --git a/src/common/aes.c b/src/common/aes.c
index e07665635b..224988915b 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -267,7 +267,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher)
 #ifdef USE_OPENSSL_EVP
   EVP_CIPHER_CTX_cleanup(&cipher->key);
 #endif
-  memset(cipher, 0, sizeof(cipher));
+  memset(cipher, 0, sizeof(aes_cnt_cipher_t));
   tor_free(cipher);
 }