Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Tue, 21 Aug 2012 06:10:11 -0400 (EDT)
From: Jan Lieskovsky <jlieskov@...hat.com>
To: oss-security@...ts.openwall.com
Cc: oss-security@...ts.openwall.com
Subject: CVE Request -- Tor 0.2.2.38: Three issues

Hello Kurt, Steve, vendors,

  Tor upstream has recently released v0.2.2.38 version, correcting three
security flaws:

1) tor: Read from freed memory and double free by processing failed DNS request
   Upstream ticket:
   [1] https://trac.torproject.org/projects/tor/ticket/6480

   Relevant patch:
   [2] https://gitweb.torproject.org/tor.git/commitdiff/62637fa22405278758febb1743da9af562524d4c

   References:
   [3] https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html
   [4] https://bugzilla.novell.com/show_bug.cgi?id=776642
   [5] https://bugzilla.redhat.com/show_bug.cgi?id=849949

2) tor: Unitialized memory read by reading vote or consensus document with unrecognized flavor name
   Upstream ticket:
   [6] https://trac.torproject.org/projects/tor/ticket/6530

   Relevant patches:
   [7] https://gitweb.torproject.org/tor.git/commitdiff/57e35ad3d91724882c345ac709666a551a977f0f
   [8] https://gitweb.torproject.org/tor.git/commitdiff/55f635745afacefffdaafc72cc176ca7ab817546

   References:
   [9] https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html
   [10] https://bugzilla.novell.com/show_bug.cgi?id=776642
   Note: No Red Hat bug (Fedora tor versions already updated && EPEL one not affected).

3) tor: Client's relays path information leak
   Upstream ticket:
   [11] https://trac.torproject.org/projects/tor/ticket/6537

   Relevant patches:
   [12] https://gitweb.torproject.org/tor.git/commitdiff/308f6dad20675c42b29862f4269ad1fbfb00dc9a
   [13] https://gitweb.torproject.org/tor.git/commitdiff/d48cebc5e498b0ae673635f40fc57cdddab45d5b

   References:
   [14] https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html
   [15] https://bugzilla.novell.com/show_bug.cgi?id=776642
   Note: No Red Hat bug (same as in case 2,).

Could you allocate a CVE ids for these?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ