Bug 919496 (TROVE-2023-007)

Major bugfixes (TROVE-2023-007, exit):
    - Improper error propagation from a safety check in conflux leg
      linking lead to a desynchronization of which legs were part of a
      conflux set, ultimately causing a UAF and NULL pointer dereference
      crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha.

Comment 2 Larry the Git Cow 2023-12-09 18:11:04 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7aa526519c97de1127e0b98ed84fe7eef346c37b

commit 7aa526519c97de1127e0b98ed84fe7eef346c37b
Author:     Federico Justus Denkena <federico.denkena@posteo.de>
AuthorDate: 2023-12-09 09:34:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-12-09 18:06:10 +0000

    net-vpn/tor: add 0.4.8.10
    
    Bug: https://bugs.gentoo.org/919496
    Signed-off-by: Federico Justus Denkena <federico.denkena@posteo.de>
    Closes: https://github.com/gentoo/gentoo/pull/34188
    Signed-off-by: Sam James <sam@gentoo.org>

 net-vpn/tor/Manifest            |   3 +
 net-vpn/tor/tor-0.4.8.10.ebuild | 177 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 180 insertions(+)

Comment 3 Sam James 2023-12-09 18:11:36 UTC

~arch -> noglsa

Comment 4 Larry the Git Cow 2023-12-09 18:12:57 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ac7454ec1e9bb9b859320cf3df6ee6fdf58c780

commit 0ac7454ec1e9bb9b859320cf3df6ee6fdf58c780
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-12-09 18:11:49 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-12-09 18:12:33 +0000

    net-vpn/tor: drop 0.4.8.9
    
    Bug: https://bugs.gentoo.org/919496
    Signed-off-by: Sam James <sam@gentoo.org>

 net-vpn/tor/Manifest           |   3 -
 net-vpn/tor/tor-0.4.8.9.ebuild | 177 -----------------------------------------
 2 files changed, 180 deletions(-)