mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-12-11 05:03:34 +01:00
1880a6a88e
Fixes bug 24246 and TROVE-2017-011.
This bug is so old, it's in Matej's code. Seems to have been
introduced with e01522bbed
.
9 lines
465 B
Plaintext
9 lines
465 B
Plaintext
o Major bugfixes (security):
|
|
- Fix a denial of service bug where an attacker could use a malformed
|
|
directory object to cause a Tor instance to pause while OpenSSL would
|
|
try to read a passphrase from the terminal. (If the terminal was not
|
|
available, tor would continue running.) Fixes bug 24246; bugfix on
|
|
every version of Tor. Also tracked as TROVE-2017-011 and
|
|
CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720.
|
|
|