[Bug 321102] Re: Security fixes in tor 0.2.0.32 .33 .34

Hew McLachlan hew.mclachlan at gmail.com
Wed Mar 11 04:41:16 UTC 2009


** Summary changed:

- Security fixes in tor 0.2.0.32 and .33
+ Security fixes in tor 0.2.0.32 .33 .34

** Description changed:

+ Tor 0.2.0.34 contains:
+ 
+   o Security fixes:
+     - Fix an infinite-loop bug on handling corrupt votes under certain
+       circumstances. Bugfix on 0.2.0.8-alpha.
+     - Fix a temporary DoS vulnerability that could be performed by
+       a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
+     - Avoid a potential crash on exit nodes when processing malformed
+       input. Remote DoS opportunity. Bugfix on 0.2.0.33.
+     - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
+       Spec conformance issue. Bugfix on Tor 0.0.2pre27.
+ 
+ -----
+ 
  Tor 0.2.0.33 comes with the following changelog entry: "Fix a heap-corruption bug that may be remotely triggerable on some platforms"
  (From http://archives.seul.org/or/announce/Jan-2009/msg00000.html)
  
  -----
  
    Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu
    packages (and maybe other packages) noticed by Theo de Raadt, fixes
    a smaller security flaw that might allow an attacker to access local
    services, further improves hidden service performance, and fixes a
    variety of other issues.
  
    o Security fixes:
      - The "User" and "Group" config options did not clear the
        supplementary group entries for the Tor process. The "User" option
        is now more robust, and we now set the groups to the specified
        user's primary group. The "Group" option is now ignored. For more
        detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
        in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
        and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
      - The "ClientDNSRejectInternalAddresses" config option wasn't being
        consistently obeyed: if an exit relay refuses a stream because its
        exit policy doesn't allow it, we would remember what IP address
        the relay said the destination address resolves to, even if it's
        an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.
  
  https://www.torproject.org/svn/trunk/ChangeLog

-- 
Security fixes in tor 0.2.0.32 .33 .34
https://bugs.launchpad.net/bugs/321102
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
