Summary: | <net-misc/tor-0.2.8.9: Denial of Service | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | blueness, ncl |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blog.torproject.org/blog/tor-0289-released-important-fixes | ||
Whiteboard: | B3 [glsa cve glsa blocked] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 597394 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2016-10-19 12:19:16 UTC
(In reply to Agostino Sarubbo from comment #0) > From ${URL} : > > Major features (security fixes, also in 0.2.9.4-alpha): > Prevent a class of security bugs caused by treating the contents of a buffer > chunk as if they were a NUL-terminated string. At least one such bug seems > to be present in all currently used versions of Tor, and would allow an > attacker to remotely crash most Tor instances, especially those compiled > with > extra compiler hardening. With this defense in place, such bugs can't crash > Tor, though we should still fix them as they occur. Closes ticket 20384 > (TROVE-2016-10-001). > > > @maintainer(s): since the fixed package is already in the tree, please let > us know if it is ready for the stabilization or not. I already have a stabilization request going in bug #597394 *** Bug 597594 has been marked as a duplicate of this bug. *** Here, we will assign the ID to the broadest possible interpretation of the issue, which perhaps can be restated as "Tor internal functions were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present." Use CVE-2016-8860. With this CVE, any related "we should still fix them as they occur" patches can most likely be treated as defense-in-depth changes, and won't require separate CVE IDs. This issue was resolved and addressed in GLSA 201612-45 at https://security.gentoo.org/glsa/201612-45 by GLSA coordinator Aaron Bauman (b-man). |