Description A vulnerability has been reported in Tor, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error within the "policy_summarize()" function in src/or/policies.c, which can be exploited to crash a Tor directory authority. The vulnerability is reported in versions prior to 0.2.1.30. Solution Update to version 0.2.1.30. Provided and/or discovered by The vendor credits piebeer. Original Advisory https://lists.torproject.org/pipermail/tor-announce/2011-February/000000.html http://secunia.com/advisories/43548/
Maintainers, is it OK to stabilize net-misc/tor-0.2.1.30? To speed up the process, feel free to CC arches and add the STABLEREQ keyword yourself (and change the status whiteboard from "stable?" to "stable").
Yes, it is ready for stabilization.
Sorry, still getting used to new bugzilla ... added arches.
ppc/ppc64 stable
amd64 ok
Looks also good here on x86.
amd64 done, thanks Agostino
x86 stable. Thanks Andreas.
arm/sparc stable
Thanks, everyone. GLSA Vote: Yes.
Vulnerable versions (tor-0.2.1.29 and tor-0.2.1.29-r1) removed from tree.
GLSA vote: NO
Vote: yes, added to existing GLSA.
CVE-2011-1924 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924): Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list.
no clue why bsd is in cc
This issue was resolved and addressed in GLSA 201110-13 at http://security.gentoo.org/glsa/glsa-201110-13.xml by GLSA coordinator Tim Sammut (underling).