nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
54ccc80a4a
tor/changes/tolen_asserts
Nick Mathewson 50b06a2b76 make the description of tolen_asserts more dire 
We have a CVE # for this bug.
2011-01-15 11:49:26 -05:00

9 lines
349 B
Plaintext
Raw Blame History

o Major bugfixes (security)
- Fix a heap overflow bug where an adversary could cause heap
corruption. This bug potentially allows remote code execution
attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on
0.1.2.10-rc.
o Defensive programming
- Introduce output size checks on all of our decryption functions.
Reference in New Issue View Git Blame Copy Permalink