[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] The CVE-2015-7547 glibc getaddrinfo() vulnerability, and you.

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] The CVE-2015-7547 glibc getaddrinfo() vulnerability, and you.
From: nusenu <nusenu@xxxxxxxxxxxxxxx>
Date: Tue, 16 Feb 2016 21:10:38 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 16 Feb 2016 16:10:59 -0500
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1455657045; bh=cuveqUluxM4GqF+kkG/YKlkKzL+ZIhTcIxntX/I4W+o=; h=Subject:To:References:From:Date:In-Reply-To:From; b=N/cmNsMmC6nQ1VYnPWjfndQihXkeJOSmt8YBYOX48qEPszdQWNWb3Oi+YB/PXHLM4 y55//0ptjYiKhyMBtMebUyF8xdWDLIAWbzwr0PjmXfsYzN+j7SVcrP21fP+L371qKr VGuyeslenvMs36f+gYT41jeX6QEIYqhRmFmA8iwQ=
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1455657045; bh=cuveqUluxM4GqF+kkG/YKlkKzL+ZIhTcIxntX/I4W+o=; h=Subject:To:References:From:Date:In-Reply-To:From; b=N/cmNsMmC6nQ1VYnPWjfndQihXkeJOSmt8YBYOX48qEPszdQWNWb3Oi+YB/PXHLM4 y55//0ptjYiKhyMBtMebUyF8xdWDLIAWbzwr0PjmXfsYzN+j7SVcrP21fP+L371qKr VGuyeslenvMs36f+gYT41jeX6QEIYqhRmFmA8iwQ=
In-reply-to: <CAKDKvuznXZFaoqMaURzWQ7S8bUs3zxoowBA05zSGbOVEWtmS=w@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuznXZFaoqMaURzWQ7S8bUs3zxoowBA05zSGbOVEWtmS=w@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

I'm wondering whether clients, using tor's DNSPort as upstream DNS
server, were  "accidentally protected" against exploits trying to take
advantage of this vulnerability.
(or the other way around: where exits in a "lucky" position to
compromise all their clients by providing them special DNS responses)

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] The CVE-2015-7547 glibc getaddrinfo() vulnerability, and you.
  - From: Nick Mathewson

Prev by Author: Re: [tor-talk] How to make the Tor service to stop faster?
Next by Author: Re: [tor-talk] Large spike in .onion addresses - port scan?
Previous by thread: [tor-talk] The CVE-2015-7547 glibc getaddrinfo() vulnerability, and you.
Next by thread: [tor-talk] Tor Weekly News -- February 15th, 2016
Index(es):
- Author
- Thread