tor/changes/bug40316
Nick Mathewson 890ae4fb1a Fix detection of point to insert signatures on a pending consensus.
We were looking for the first instance of "directory-signature "
when instead the correct behavior is to look for the first instance
of "directory-signature " at the start of a line.

Unfortunately, this can be exploited so as to crash authorities while
they're voting.

Fixes #40316; bugfix on 0.2.2.4-alpha.  This is TROVE-2021-002,
also tracked as CVE-2021-28090.
2021-03-15 08:56:58 -04:00


  o Major bugfixes (security, denial of service):
    - Fix a bug in appending detached signatures to a pending consensus
      document that could be used to crash a directory authority.
      Fixes bug 40316; bugfix on 0.2.2.6-alpha. Tracked as
      TROVE-2021-002 and CVE-2021-28090.
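
The difference the commit message describes, between the first "directory-signature " anywhere and the first one at the start of a line, is shown below as an added example; it is not Tor's code. The function names and the sample document are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SIG_KEYWORD "directory-signature "

/* Substring search: first occurrence anywhere in the document, even in
 * the middle of a line. This is the behaviour the commit message calls
 * incorrect. (Hypothetical helper name.) */
static const char *find_sig_naive(const char *doc)
{
    return strstr(doc, SIG_KEYWORD);
}

/* Line-anchored search: first occurrence that begins a line, meaning it
 * sits at offset 0 or directly after '\n'. Returns NULL when the keyword
 * only ever appears mid-line. (Hypothetical helper name.) */
static const char *find_sig_at_line_start(const char *doc)
{
    const char *p = doc;
    while ((p = strstr(p, SIG_KEYWORD)) != NULL) {
        if (p == doc || p[-1] == '\n')
            return p;
        p++; /* mid-line match: skip it and keep scanning */
    }
    return NULL;
}

/* Constructed sample, not a real consensus: the keyword appears once
 * inside another line and once as a genuine line-initial item. */
static const char SAMPLE[] =
    "network-status-version 3\n"
    "example-line text directory-signature not-a-signature\n"
    "directory-footer\n"
    "directory-signature AAAA BBBB\n";

int main(void)
{
    const char *naive = find_sig_naive(SAMPLE);
    const char *anchored = find_sig_at_line_start(SAMPLE);

    /* The two searches disagree on where the signature block begins. */
    printf("naive offset:    %ld\n", (long)(naive - SAMPLE));
    printf("anchored offset: %ld\n", (long)(anchored - SAMPLE));
    return 0;
}
```

Any code that splices signatures at the offset returned by the first function will disagree with a parser that recognises the keyword only at the start of a line.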