mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
make the description of tolen_asserts more dire
We have a CVE # for this bug.
This commit is contained in:
parent
115782bdbe
commit
50b06a2b76
@ -1,9 +1,8 @@
|
||||
o Major bugfixes (security)
|
||||
- Fix a heap overflow bug where an adversary could cause heap
|
||||
corruption. Since the contents of the corruption would need to be
|
||||
the output of an RSA decryption, we do not think this is easy to
|
||||
turn in to a remote code execution attack, but everybody should
|
||||
upgrade anyway. Found by debuger. Bugfix on 0.1.2.10-rc.
|
||||
corruption. This bug potentially allows remote code execution
|
||||
attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on
|
||||
0.1.2.10-rc.
|
||||
o Defensive programming
|
||||
- Introduce output size checks on all of our decryption functions.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user