mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
10 lines
602 B
Plaintext
10 lines
602 B
Plaintext
o Minor bugfixes (security):
|
|
- Fix a potential double free bug when reading huge bandwidth files. The
|
|
issue is not exploitable in the current Tor network because the
|
|
vulnerable code is only reached when directory authorities read bandwidth
|
|
files, but bandwidth files come from a trusted source (usually the
|
|
authorities themselves). Furthermore, the issue is only exploitable in
|
|
rare (non-POSIX) 32-bit architectures which are not used by any of the
|
|
current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found
|
|
and fixed by Tobias Stoeckmann.
|