Date: Tue, 24 Mar 2015 00:41:30 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: cve-assign@...re.org, weasel@...ian.org
Subject: Re: CVE request: Two vulnerabilities in Tor

With apologies, I thought they had been unlocked in BZ, did so now (they
are public now).

On 03/24/2015 12:15 AM, Salvatore Bonaccorso wrote:
> Hi all,
> 
> On Mon, Mar 23, 2015 at 07:13:27PM +0100, Moritz Muehlenhoff wrote:
>> Hi,
>> please assign two CVE IDs for tor:
>>
>> The upstream announcement is here:
>> https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html
>>
>> 1.
>> | Fix a remote denial-of-service opportunity caused by a bug in
>> | OSX's _strlcat_chk() function. Fixes bug 15205; bug first
>> | appeared in OSX 10.9.
>>
>> https://trac.torproject.org/projects/tor/ticket/15205
>>
>> 2.
>> | A relay could crash with an assertion error if a buffer of
>> | exactly the wrong layout was passed to buf_pullup() at exactly the
>> | wrong time.
>>
>> https://trac.torproject.org/projects/tor/ticket/15083
>>
>> The second issue has been addressed in DSA 3203:
>> https://lists.debian.org/debian-security-announce/2015/msg00088.html
>> (the first obviously not, since it's MacOS-specific)
> 
> There is another one which was fixed in the same versions, and could
> potentially get a CVE:
> 
> https://trac.torproject.org/projects/tor/ticket/14129
> 
> Regards,
> Salvatore
> 

-- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
