[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5402 [Tor Client]: #5090 allows post-auth heap overflow

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #5402 [Tor Client]: #5090 allows post-auth heap overflow
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Mon, 26 Mar 2012 03:12:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 25 Mar 2012 23:12:31 -0400
In-reply-to: <044.12c6c9b06ce0e40b7eeca63a27ddbb2b@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.12c6c9b06ce0e40b7eeca63a27ddbb2b@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5402: #5090 allows post-auth heap overflow
---------------------------+------------------------------------------------
    Reporter:  arma        |       Owner:                    
        Type:  defect      |      Status:  closed            
    Priority:  major       |   Milestone:  Tor: 0.2.2.x-final
   Component:  Tor Client  |     Version:                    
  Resolution:  fixed       |    Keywords:                    
      Parent:              |      Points:                    
Actualpoints:              |  
---------------------------+------------------------------------------------
Changes (by arma):

  * status:  new => closed
  * resolution:  => fixed


Comment:

 Ok. I added the CVE, plus credit to "Robert Connolly from Matta
 Consulting", in git commit bca8bf62c66.

 Closing as resolved. Please reopen if you think of any security
 complications we need to reconsider.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5402#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #5402 [Tor Client]: #5090 allows post-auth heap overflow
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #5454 [Stem]: ExitPolicy Class for stem
Next by Author: Re: [tor-bugs] #5342 [Tor Client]: Never use a bridge-purpose node as an exit
Previous by thread: Re: [tor-bugs] #5402 [Tor Client]: #5090 allows post-auth heap overflow
Next by thread: [tor-bugs] #5403 [Tor bundles/installation]: Presence of tor-resolve in bundles for different plataform is inconsistent
Index(es):
- Author
- Thread