tor/cve-2012-2249 at f357ef9dccccfb5ce2408dbd5f8456de02bac895 - tor - Git with a cup of Datura seeds

nihilist/tor

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 21:16:22 +02:00

Nick Mathewson f357ef9dcc Discard extraneous renegotiation attempts in the v3 link protocol

Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".

2012-10-17 19:18:16 -04:00

6 lines

300 B

Plaintext

Raw Blame History

   o Major bugfixes (security):
     - Discard extraneous renegotiation attempts once the V3 link
       protocol has been initiated. Failure to do so left us open to
       a remotely triggerable assertion failure. Fixes CVE-2012-2249;
       bugfix on 0.2.3.6-alpha. Reported by "some guy from France".