[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/release-0.3.5] Add TROVE-2019-001 to changelog for 0.3.5.8

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor/release-0.3.5] Add TROVE-2019-001 to changelog for 0.3.5.8
From: nickm@xxxxxxxxxxxxxx
Date: Thu, 21 Feb 2019 15:24:33 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 21 Feb 2019 10:26:26 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit 2d7735ea06b6ff9243d5516a24693941f2575f86
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Thu Feb 21 10:23:24 2019 -0500

    Add TROVE-2019-001 to changelog for 0.3.5.8
---
 ChangeLog           | 13 +++++++++++++
 changes/ticket29168 |  5 -----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 507981350..d4d0d3587 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,19 @@ Changes in version 0.3.5.8 - 2019-02-21
   for an annoying SOCKS-parsing bug that affected users in earlier 0.3.5.x
   releases.
 
+  It also includes a fix for a medium-severity security bug affecting Tor
+  0.3.2.1-alpha and later. All Tor instances running an affected release
+  should upgrade to 0.3.3.12, 0.3.4.11, 0.3.5.8, or 0.4.0.2-alpha.
+
+  o Major bugfixes (cell scheduler, KIST, security):
+    - Make KIST consider the outbuf length when computing what it can
+      put in the outbuf. Previously, KIST acted as though the outbuf
+      were empty, which could lead to the outbuf becoming too full. It
+      is possible that an attacker could exploit this bug to cause a Tor
+      client or relay to run out of memory and crash. Fixes bug 29168;
+      bugfix on 0.3.2.1-alpha. This issue is also being tracked as
+      TROVE-2019-001 and CVE-2019-8955.
+
   o Major bugfixes (networking, backport from 0.4.0.2-alpha):
     - Gracefully handle empty username/password fields in SOCKS5
       username/password auth messsage and allow SOCKS5 handshake to
diff --git a/changes/ticket29168 b/changes/ticket29168
deleted file mode 100644
index 65c5232f6..000000000
--- a/changes/ticket29168
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes (cell scheduler, KIST):
-    - Make KIST to always take into account the outbuf length when computing
-      what we can actually put in the outbuf. This could lead to the outbuf
-      being filled up and thus a possible memory DoS vector. TROVE-2019-001.
-      Fixes bug 29168; bugfix on 0.3.2.1-alpha.

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/maint-0.4.0] kist: When readding chans, check correct chan's sched_heap_idx
Next by Author: [tor-commits] [torspec/master] Merge branch 'ope_spec2'
Previous by thread: [tor-commits] [tor/release-0.3.3] Changelog for 0.3.3.12
Next by thread: [tor-commits] [tor/release-0.3.4] Add TROVE-2019-001 to changelog for 0.3.4.11
Index(es):
- Author
- Thread