Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150406175716.GA26491@eldamar.local>
Date: Mon, 6 Apr 2015 19:57:16 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Cc: CVE Assignments MITRE <cve-assign@...re.org>, team@...urity.debian.org,
	weasel@...ian.org
Subject: CVE Request: tor: new upstream releases (0.2.6.7, 0.2.5.12 and
 0.2.4.27) fixing security issues

Hi

New versions of tor were released (0.2.6.7, 0.2.5.12 and 0.2.4.27)
fixing denial of service vulnerabilities, the changelog for 0.2.6.7
lists the ones below. Could you assign CVE identifiers for those? (I
guess the first and second might deserve one? Not sure about the third
and last item):

> Changes in version 0.2.6.7 - 2015-04-06
>   Tor 0.2.6.7 fixes two security issues that could be used by an
>   attacker to crash hidden services, or crash clients visiting hidden
>   services. Hidden services should upgrade as soon as possible; clients
>   should upgrade whenever packages become available.
> 
>   This release also contains two simple improvements to make hidden
>   services a bit less vulnerable to denial-of-service attacks.
> 
>   o Major bugfixes (security, hidden service):
>     - Fix an issue that would allow a malicious client to trigger an
>       assertion failure and halt a hidden service. Fixes bug 15600;
>       bugfix on 0.2.1.6-alpha. Reported by "disgleirio".

https://trac.torproject.org/projects/tor/ticket/15600

>     - Fix a bug that could cause a client to crash with an assertion
>       failure when parsing a malformed hidden service descriptor. Fixes
>       bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".

https://trac.torproject.org/projects/tor/ticket/15601
> 
>   o Minor features (DoS-resistance, hidden service):
>     - Introduction points no longer allow multiple INTRODUCE1 cells to
>       arrive on the same circuit. This should make it more expensive for
>       attackers to overwhelm hidden services with introductions.
>       Resolves ticket 15515.

https://trac.torproject.org/projects/tor/ticket/15515

>     - Decrease the amount of reattempts that a hidden service performs
>       when its rendezvous circuits fail. This reduces the computational
>       cost for running a hidden service under heavy load. Resolves
>       ticket 11447.

https://trac.torproject.org/projects/tor/ticket/11447

Regards,
Salvatore

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.