[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Advisory: Stack disclosure in hidden services logs when SafeLogging disabled
On Mon, Sep 18, 2017 at 1:19 PM, Toralf Förster <toralf.foerster@xxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 09/18/2017 03:41 PM, Nick Mathewson wrote:
>> This bug can only happen when the SafeLogging option is disabled,
>> and SafeLogging is enabled by default. If you have not disabled
>> SafeLogging, then you should be fine.
>
> Which should not hinder everybody to upgrade, b/c affected relay admins would upgrade soon and therefore expose themself to run hidden services, right ?
>
Relays are not affected. This bug only affects hidden services that
are running on one of the affected versions.
Still, it's probably a good idea for relays to update anyway. There
are other, smaller bugs fixed in every release.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays