Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 919496 (TROVE-2023-007) - <net-vpn/tor-0.4.8.10: high severity issue in exit relays supporting conflux
Summary: <net-vpn/tor-0.4.8.10: high severity issue in exit relays supporting conflux
Status: RESOLVED FIXED
Alias: TROVE-2023-007
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL:
Whiteboard: ~3 [noglsa]
Keywords: PullRequest
Depends on:
Blocks:
 
Reported: 2023-12-09 06:55 UTC by Federico Justus Denkena
Modified: 2023-12-09 18:13 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Federico Justus Denkena 2023-12-09 06:55:30 UTC 
Tor relays before version 0.4.8.10 have a high severity issue in conflux circuit building. Recommended to immediately upgrade the packages in gentoo and drop affected versions.
See: https://forum.torproject.org/t/security-release-0-4-8-10/10536
Comment 1 Federico Justus Denkena 2023-12-09 06:56:42 UTC 
Major bugfixes (TROVE-2023-007, exit):
    - Improper error propagation from a safety check in conflux leg
      linking lead to a desynchronization of which legs were part of a
      conflux set, ultimately causing a UAF and NULL pointer dereference
      crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha.
Comment 2 Larry the Git Cow gentoo-dev 2023-12-09 18:11:04 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7aa526519c97de1127e0b98ed84fe7eef346c37b

commit 7aa526519c97de1127e0b98ed84fe7eef346c37b
Author:     Federico Justus Denkena <federico.denkena@posteo.de>
AuthorDate: 2023-12-09 09:34:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-12-09 18:06:10 +0000

    net-vpn/tor: add 0.4.8.10
    
    Bug: https://bugs.gentoo.org/919496
    Signed-off-by: Federico Justus Denkena <federico.denkena@posteo.de>
    Closes: https://github.com/gentoo/gentoo/pull/34188
    Signed-off-by: Sam James <sam@gentoo.org>

 net-vpn/tor/Manifest            |   3 +
 net-vpn/tor/tor-0.4.8.10.ebuild | 177 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 180 insertions(+)
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-12-09 18:11:36 UTC 
~arch -> noglsa
Comment 4 Larry the Git Cow gentoo-dev 2023-12-09 18:12:57 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ac7454ec1e9bb9b859320cf3df6ee6fdf58c780

commit 0ac7454ec1e9bb9b859320cf3df6ee6fdf58c780
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-12-09 18:11:49 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-12-09 18:12:33 +0000

    net-vpn/tor: drop 0.4.8.9
    
    Bug: https://bugs.gentoo.org/919496
    Signed-off-by: Sam James <sam@gentoo.org>

 net-vpn/tor/Manifest           |   3 -
 net-vpn/tor/tor-0.4.8.9.ebuild | 177 -----------------------------------------
 2 files changed, 180 deletions(-)