mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-28 14:23:30 +01:00
9 lines
465 B
Plaintext
9 lines
465 B
Plaintext
|
o Major bugfixes (security):
|
||
|
- Fix a denial of service bug where an attacker could use a malformed
|
||
|
directory object to cause a Tor instance to pause while OpenSSL would
|
||
|
try to read a passphrase from the terminal. (If the terminal was not
|
||
|
available, tor would continue running.) Fixes bug 24246; bugfix on
|
||
|
every version of Tor. Also tracked as TROVE-2017-011 and
|
||
|
CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720.
|
||
|
|