Summary: | net-misc/tor: buff overflow; DoS; log spoofing | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Raphael Marichez (Falco) (RETIRED) <falco> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | humpback |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/20277 | ||
Whiteboard: | B2 [glsa] Falco | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 118918 |
Description
Raphael Marichez (Falco) (RETIRED)
![]() Setting to B2 because of #3 : 3) Some integer overflow errors exists when adding elements to smartlists. This can potentially be exploited to cause a buffer overflow via malicious large inputs. 0.1.1.20 has entry guards so should fix bug 118918 as well. humpback, please bump tor Arches please test and mark 0.1.1.20 stable, thank you. Last bug activity of humpback: 132125: 2006-05-08 05:27:31 So I bumped this myself, without the untested chroot stuff. x86 is done. Good old tor. stable on ppc64 ppc stable sparc stable. amd64 staaable GLSA 200606-04 |