Tor 0.2.3.22-rc fixes another opportunity for a remotely triggerable assertion. We'll be putting out 0.2.2.39 packages shortly that fix the issue too. https://www.torproject.org/download/download https://www.torproject.org/dist/ (Packages coming eventually.) Changes in version 0.2.3.22-rc - 2012-09-11 o Security fixes: - Fix an assertion failure in tor_timegm() that could be triggered by a badly formatted directory object. Bug found by fuzzing with Radamsa. Fixes bug 6811; bugfix on 0.2.0.20-rc. o Minor bugfixes: - Avoid segfault when starting up having run with an extremely old version of Tor and parsing its state file. Fixes bug 6801; bugfix on 0.2.2.23-alpha.
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk