[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Libevent vulnerability CVE-2014-6272 - Tor affected?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Libevent vulnerability CVE-2014-6272 - Tor affected?
From: Dave Warren <davew@xxxxxxxxxxxx>
Date: Tue, 06 Jan 2015 12:58:13 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 06 Jan 2015 16:03:39 -0500
Dkim-signature: v=1; a=rsa-sha256; c=simple; d=hireahit.com; s=MD-20140321; t=1420577898; x=1421182698; q=dns/txt; h=Message-ID: Date:From:User-Agent:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; bh=5JG7XU32R XZv/LNEWcM1YcQmctpPcWtDckboSWaA2CU=; b=Ux1s4wYOk1W5ZzL42lVEWwQl7 /f4Fb4sh07MbzAMzYud0Log77nLTOh3AFvZqXIl4rE5x7ABv/wF+2wy3X4J/MIlp ItN2dLtK0RBpkcTXeq91rqldb1wVNOB8KKDqaWxpSc5nZJjBi17P4YwI17Zacjb+ JAu/Y+WY+Oe4TZ0rYk=
In-reply-to: <54AC4A8F.9040401@xxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <54AC4A8F.9040401@xxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:24.0) Gecko/20140623 FossaMail/24.6.0

On 2015-01-06 12:50, Nikolas Raiser wrote:

Hi folks,
can anyone tell me if Tor, since it uses libevent, is affected by thisvulnerability "Advisory: integer overflow in evbuffers for Libevent <=1.4.14b,2.0.21,2.1.4-alpha [CVE-2014-6272]"http://archives.seul.org/libevent/users/Jan-2015/msg00010.html .

Check the list archives for CVE-2014-6272. "The answer is: this does notaffect Tor."


--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren


--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Libevent vulnerability CVE-2014-6272 - Tor affected?
  - From: Nikolas Raiser

Prev by Author: Re: [tor-talk] GSOC 15
Next by Author: Re: [tor-talk] Tor on the iPhone?
Previous by thread: Re: [tor-talk] Libevent vulnerability CVE-2014-6272 - Tor affected?
Next by thread: [tor-talk] What to do if meek gets blocked
Index(es):
- Author
- Thread