[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-announce] Tor 0.2.2.39 is released

To: tor-announce@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-announce] Tor 0.2.2.39 is released
From: Roger Dingledine <arma@xxxxxxx>
Date: Sat, 15 Sep 2012 07:12:08 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 15 Sep 2012 07:12:27 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-announce>
List-help: <mailto:tor-announce-request@lists.torproject.org?subject=help>
List-id: "announce: Important announcements relating to Tor" <tor-announce.lists.torproject.org>
List-post: <mailto:tor-announce@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce>, <mailto:tor-announce-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-announce>, <mailto:tor-announce-request@lists.torproject.org?subject=unsubscribe>
Sender: tor-announce-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.20 (2009-06-14)

Tor 0.2.2.39 fixes two more opportunities for remotely triggerable
assertions.

https://www.torproject.org/download/download

Changes in version 0.2.2.39 - 2012-09-11
  o Security fixes:
    - Fix an assertion failure in tor_timegm() that could be triggered
      by a badly formatted directory object. Bug found by fuzzing with
      Radamsa. Fixes bug 6811; bugfix on 0.2.0.20-rc.
    - Do not crash when comparing an address with port value 0 to an
      address policy. This bug could have been used to cause a remote
      assertion failure by or against directory authorities, or to
      allow some applications to crash clients. Fixes bug 6690; bugfix
      on 0.2.1.10-alpha.

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-announce mailing list
tor-announce@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce

Index(es):
- Author
- Thread