[ubuntu/disco-proposed] tor 0.3.5.8-1 (Accepted)
costamagnagianfranco at yahoo.it
Mon Feb 25 16:58:50 UTC 2019
tor (0.3.5.8-1) unstable; urgency=medium
* Replace all references to /var/run with /run (closes: #918898).
* New upstream version.
- Includes a fix for a medium-severity security bug:
Make KIST consider the outbuf length when computing what it can
put in the outbuf. Previously, KIST acted as though the outbuf
were empty, which could lead to the outbuf becoming too full. It
is possible that an attacker could exploit this bug to cause a Tor
client or relay to run out of memory and crash. Fixes bug 29168;
bugfix on 0.3.2.1-alpha. This issue is also being tracked as
TROVE-2019-001 and CVE-2019-8955.
Date: 2019-02-22 16:41:30.313368+00:00
Changed-By: Peter Palfrader <weasel at debian.org>
Signed-By: Gianfranco Costamagna <costamagnagianfranco at yahoo.it>
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes