2eec37d211
Accepting request 913992 from home:jengelh:branches:network
Lars Vogdt
2021-09-14 09:53:56 +00:00
15cd3a170e
Accepting request 913992 from home:jengelh:branches:network
Lars Vogdt
2021-09-14 09:53:56 +00:00
70365a2b6a
Accepting request 912796 from network
Richard Brown
2021-08-19 08:00:59 +00:00
20a3a6898f
Accepting request 912796 from network
Richard Brown
2021-08-19 08:00:59 +00:00
f9d04d4f5a
tor 0.4.6.7: * Fix a DoS via a remotely triggerable assertion failure (boo#1189489, TROVE-2021-007, CVE-2021-38385)
Bernhard Wiedemann2021-08-17 18:55:29 +00:00
c1839d234c
tor 0.4.6.7: * Fix a DoS via a remotely triggerable assertion failure (boo#1189489, TROVE-2021-007, CVE-2021-38385)
Bernhard Wiedemann2021-08-17 18:55:29 +00:00
82111f669e
* Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell (CVE-2021-34548, boo#1187322) * Detect more failure conditions from the OpenSSL RNG code (boo#1187323) * Resist a hashtable-based CPU denial-of-service attack against relays (CVE-2021-34549, boo#1187324) * Fix an out-of-bounds memory access in v3 onion service descriptor parsing (CVE-2021-34550, boo#1187325)
Bernhard Wiedemann2021-06-15 04:50:11 +00:00
1bdc857df7
* Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell (CVE-2021-34548, boo#1187322) * Detect more failure conditions from the OpenSSL RNG code (boo#1187323) * Resist a hashtable-based CPU denial-of-service attack against relays (CVE-2021-34549, boo#1187324) * Fix an out-of-bounds memory access in v3 onion service descriptor parsing (CVE-2021-34550, boo#1187325)
Bernhard Wiedemann2021-06-15 04:50:11 +00:00
5806eeacc7
tor 0.4.5.9 * Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell * Detect more failure conditions from the OpenSSL RNG code * Resist a hashtable-based CPU denial-of-service attack against relays * Fix an out-of-bounds memory access in v3 onion service descriptor parsing
Bernhard Wiedemann2021-06-14 18:08:02 +00:00
38093bb364
tor 0.4.5.9 * Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell * Detect more failure conditions from the OpenSSL RNG code * Resist a hashtable-based CPU denial-of-service attack against relays * Fix an out-of-bounds memory access in v3 onion service descriptor parsing
Bernhard Wiedemann2021-06-14 18:08:02 +00:00
d1e0189c3f
tor 0.4.5.7 * https://lists.torproject.org/pipermail/tor-announce/2021-March/000216.html * Fix 2 denial of service security issues + Disable the dump_desc() function that we used to dump unparseable information to disk (CVE-2021-28089) + Fix a bug in appending detached signatures to a pending consensus document that could be used to crash a directory authority (CVE-2021-28090) * Ship geoip files based on the IPFire Location Database
Bernhard Wiedemann2021-03-16 23:45:23 +00:00
0f2e3f32e5
tor 0.4.5.7 * https://lists.torproject.org/pipermail/tor-announce/2021-March/000216.html * Fix 2 denial of service security issues + Disable the dump_desc() function that we used to dump unparseable information to disk (CVE-2021-28089) + Fix a bug in appending detached signatures to a pending consensus document that could be used to crash a directory authority (CVE-2021-28090) * Ship geoip files based on the IPFire Location Database
Bernhard Wiedemann2021-03-16 23:45:23 +00:00
b972deb443
tor 0.4.4.7 * Stop requiring a live consensus for v3 clients and services * Re-entry into the network is now denied at the Exit level * Fix undefined behavior on our Keccak library * Strip '\r' characters when reading text files on Unix platforms * Handle partial SOCKS5 messages correctly
Bernhard Wiedemann2021-02-05 08:19:53 +00:00
2d786a0093
tor 0.4.4.7 * Stop requiring a live consensus for v3 clients and services * Re-entry into the network is now denied at the Exit level * Fix undefined behavior on our Keccak library * Strip '\r' characters when reading text files on Unix platforms * Handle partial SOCKS5 messages correctly
Bernhard Wiedemann2021-02-05 08:19:53 +00:00
Bernhard Wiedemann
Dominique Leuenberger
Dirk Mueller
Lars Vogdt
Richard Brown