[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Upcoming Tor releases tomorrow, to fix Hidden Service remote DoS bugs

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-talk] Upcoming Tor releases tomorrow, to fix Hidden Service remote DoS bugs
From: Nick Mathewson <nickm@xxxxxxxxxxxxx>
Date: Wed, 7 Jun 2017 11:15:35 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 07 Jun 2017 11:16:26 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:from:date:message-id:subject:to; bh=VrYnb55wqTAmaWIR4etqqBWEJJ3ThzjjV6SWhh689+0=; b=UsuuPuDla5z9XYEJBjlne8DOixorAH2SFIyPOt6YjkFIhvevWy3KVwGqdv/ftmJK2h 1urIBZK7LTOhBy0AZFSfgJbunK8uWT0AUw87R+vCfOPanME+DIafRuPjKOVpR7IVIVhK VHTwNxygZwshdhDpp1BbFbaBkhqqEsDCJWbYedFc2fmHLcjeYiKA9K0JyxUdNq6Wclln WVRmJ5F/1JR7KXlNpqiWw8nw22FFoFgI/GakeowUT25R4dU/o4QNras9c824Mj6eQHEB RwG3AfI3IvFsvzVJHflKqkXa9YhK5QO6uGSI759iNfeMHXGSzMoVxOG0W0w/SJvjsE16 pW9w==
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi, all!

Tomorrow we'll be putting out new releases in all supported series
(0.2.4 through 0.3.1) to fix two vulnerabilities that we have found in
the hidden service code. These vulnerabilities allow an attacker to
cause a hidden service to crash with an assertion failure.  We believe
that is the only impact.  We are tracking these vulnerabilities as
TROVE-2017-004 and TROVE-2017-005.

For more information about how we handle security issues in Tor, see
our draft policy at:
    https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/SecurityPolicy

best wishes,
-- 
Nick
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Upcoming Tor releases tomorrow, to fix Hidden Service remote DoS bugs
  - From: Nick Mathewson
- Re: [tor-talk] Upcoming Tor releases tomorrow, to fix Hidden Service remote DoS bugs
  - From: T

Prev by Author: [tor-talk] Tor 0.3.1.3-alpha is released (with security fix for hidden services)
Next by Author: Re: [tor-talk] Upcoming Tor releases tomorrow, to fix Hidden Service remote DoS bugs
Previous by thread: Re: [tor-talk] Fwd: Shadow with Tor anonymity proofing
Next by thread: Re: [tor-talk] Upcoming Tor releases tomorrow, to fix Hidden Service remote DoS bugs
Index(es):
- Author
- Thread