Security fixes in tor 0.2.0.32 .33 .34
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
tor (Debian) | Fix Released | Unknown | |
tor (Ubuntu) | Fix Released | Undecided | Unassigned |
Dapper | Won't Fix | High | Unassigned |
Gutsy | Won't Fix | High | Unassigned |
Hardy | Fix Released | High | Unassigned |
Intrepid | Fix Released | High | Unassigned |
Bug Description
Tor 0.2.0.34 contains:
o Security fixes:
- Fix an infinite-loop bug on handling corrupt votes under certain
circumstances.
- Fix a temporary DoS vulnerability that could be performed by
a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
- Avoid a potential crash on exit nodes when processing malformed
input. Remote DoS opportunity. Bugfix on 0.2.0.33.
- Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
Spec conformance issue. Bugfix on Tor 0.0.2pre27.
-----
Tor 0.2.0.33 comes with the following changelog entry: "Fix a heap-corruption bug that may be remotely triggerable on some platforms"
(From http://
-----
Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu
packages (and maybe other packages) noticed by Theo de Raadt, fixes
a smaller security flaw that might allow an attacker to access local
services, further improves hidden service performance, and fixes a
variety of other issues.
o Security fixes:
- The "User" and "Group" config options did not clear the
supplementary group entries for the Tor process. The "User" option
is now more robust, and we now set the groups to the specified
user's primary group. The "Group" option is now ignored. For more
detailed logging on credential switching, set CREDENTIAL_
in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
- The "ClientDNSRejec
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.
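The "User"/"Group" item above is a classic privilege-drop mistake: calling setgid()/setuid() while leaving the supplementary group list inherited from the root shell attached to the daemon. The following is an added example written for this page, not Tor's code; the helper names (groups_cleared, drop_privileges, drop_privileges_buggy) are this example's own. It shows the buggy sequence next to the corrected one (setgroups() to the target's primary group, then setgid(), then setuid()), and verifies the switch afterwards: the drop must not be reversible with setuid(0)/setgid(0), and getgroups() must report nothing but the primary group. Performing the drop needs root (setgroups() requires CAP_SETGID); the group-list check is a pure function and runs as anyone.

```c
/* Added example (not Tor's code): drop root to an unprivileged user,
 * clearing supplementary groups first, then verify the drop took.
 * Helper names are this example's own, not Tor identifiers. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Pure check: after the switch, every entry in the supplementary group
 * list must be the target user's primary gid. Returns 1 if the list is
 * clean, 0 if any foreign group (e.g. root's gid 0) is still attached. */
int groups_cleared(gid_t primary, const gid_t *groups, int ngroups)
{
    for (int i = 0; i < ngroups; i++)
        if (groups[i] != primary)
            return 0;
    return 1;
}

/* Pre-0.2.0.32 style: setgid()/setuid() only. Whatever supplementary
 * groups the invoking root process had stay attached to the daemon, so
 * group-protected files and sockets remain reachable. For contrast only. */
int drop_privileges_buggy(const struct passwd *pw)
{
    if (setgid(pw->pw_gid) != 0) return -1;
    if (setuid(pw->pw_uid) != 0) return -1;
    return 0;
}

/* Corrected sequence: reset the supplementary list to just the primary
 * group, then gid, then uid (uid last, since setuid() to non-root is what
 * removes the right to call setgroups()/setgid() again). */
int drop_privileges(const struct passwd *pw)
{
    gid_t only = pw->pw_gid;
    if (setgroups(1, &only) != 0) return -1;   /* needs CAP_SETGID */
    if (setgid(pw->pw_gid) != 0) return -1;
    if (setuid(pw->pw_uid) != 0) return -1;

    /* Verify: from root, setuid()/setgid() set real, effective and saved
     * ids, so regaining root afterwards must fail. */
    if (pw->pw_uid != 0 && setuid(0) == 0) { errno = EPERM; return -1; }
    if (pw->pw_gid != 0 && setgid(0) == 0) { errno = EPERM; return -1; }

    /* Verify: only the primary group may remain in the list. After
     * setgroups(1, ...) there is exactly one entry, so 64 is plenty. */
    gid_t groups[64];
    int n = getgroups(64, groups);
    if (n < 0) return -1;
    if (!groups_cleared(pw->pw_gid, groups, n)) { errno = EPERM; return -1; }
    return 0;
}

/* Usage: run as root, e.g. ./drop debian-tor */
int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <user>\n", argv[0]); return 2; }
    struct passwd *pw = getpwnam(argv[1]);
    if (!pw) { fprintf(stderr, "no such user: %s\n", argv[1]); return 2; }
    if (drop_privileges(pw) != 0) {
        fprintf(stderr, "privilege drop failed or could not be verified: %s\n",
                strerror(errno));
        return 1;
    }
    printf("now running as uid=%u gid=%u with supplementary groups cleared\n",
           (unsigned)getuid(), (unsigned)getgid());
    return 0;
}
```

The post-drop checks are the part worth copying: a daemon that only calls setuid() and never confirms that setuid(0) now fails, or never looks at getgroups(), cannot tell the buggy sequence from the fixed one at runtime.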
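Two of the items above concern address handling: the 0.2.0.34 entry that stops accepting incomplete IPv4 strings like "192.168.0" (which the lenient inet_aton() family silently reads as 192.168.0.0), and the 0.2.0.32 entry about not caching an internal address a relay hands back for a hostname. The following is an added example for both, not Tor's code; parse_ipv4_strict, is_internal_ipv4 and resolved_address_usable are this example's own names, and the list of ranges treated as internal is this example's choice.

```c
/* Added example (not Tor's code): strict dotted-quad parsing plus an
 * internal-address check, the two pieces a client needs before it
 * trusts an address a relay resolved for it. Names are this example's. */
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

/* Parse exactly four decimal octets separated by single dots.
 * Returns 1 and stores the host-order address on success, 0 otherwise.
 * Unlike inet_aton(), "192.168.0", "1.2.3.4.5", "256.1.1.1", an empty
 * octet and a trailing dot are all rejected. Leading zeros are rejected
 * too, so no octet can be read as octal. */
int parse_ipv4_strict(const char *s, uint32_t *out)
{
    uint32_t addr = 0;
    for (int octet = 0; octet < 4; octet++) {
        if (!isdigit((unsigned char)*s)) return 0;          /* empty octet */
        if (*s == '0' && isdigit((unsigned char)s[1])) return 0; /* leading 0 */
        unsigned value = 0;
        int digits = 0;
        while (isdigit((unsigned char)*s)) {
            value = value * 10 + (unsigned)(*s - '0');
            if (++digits > 3 || value > 255) return 0;
            s++;
        }
        addr = (addr << 8) | value;
        if (octet < 3) {
            if (*s != '.') return 0;                        /* too few octets */
            s++;
        }
    }
    if (*s != '\0') return 0;                               /* trailing junk */
    *out = addr;
    return 1;
}

/* Ranges this example treats as internal (host-order address). */
int is_internal_ipv4(uint32_t a)
{
    uint8_t b0 = (uint8_t)(a >> 24), b1 = (uint8_t)(a >> 16);
    if (b0 == 0)   return 1;                        /* 0.0.0.0/8       */
    if (b0 == 10)  return 1;                        /* 10.0.0.0/8      */
    if (b0 == 127) return 1;                        /* 127.0.0.0/8     */
    if (b0 == 169 && b1 == 254) return 1;           /* 169.254.0.0/16  */
    if (b0 == 172 && (b1 & 0xf0) == 16) return 1;   /* 172.16.0.0/12   */
    if (b0 == 192 && b1 == 168) return 1;           /* 192.168.0.0/16  */
    return 0;
}

/* Decision for an address string a relay returned for a hostname:
 * 1 = safe to cache/use, 0 = reject (malformed or internal). */
int resolved_address_usable(const char *s)
{
    uint32_t a;
    if (!parse_ipv4_strict(s, &a)) return 0;
    return is_internal_ipv4(a) ? 0 : 1;
}

int main(void)
{
    /* Constructed sample inputs, including the exact shape the fix rejects. */
    const char *samples[] = { "192.168.0", "192.168.0.1", "8.8.8.8",
                              "01.2.3.4", "1.2.3.4.5", "256.1.1.1" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-12s -> %s\n", samples[i],
               resolved_address_usable(samples[i]) ? "usable" : "rejected");
    return 0;
}
```

The classifier is applied regardless of which exit relay answered or whether its exit policy refused the stream, which is the consistency point of the ClientDNS fix: a refusal is not a reason to start trusting the address the relay volunteered.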
description: updated
description: updated
Changed in tor (Ubuntu Intrepid): status: Fix Committed → Fix Released
Changed in tor (Ubuntu Hardy): status: Fix Committed → Fix Released
Changed in tor (Debian): status: Unknown → Fix Released
Changed in tor (Ubuntu Dapper): status: Confirmed → Won't Fix
Thanks for your report. You have mentioned a number of issues:
I notice there was a major security fix in 0.2.0.32 (that specifically mentions Ubuntu), as well as the fix you mentioned in 0.2.0.33. This bug should be used for the security problem/s as per https://wiki.ubuntu.com/SecurityUpdateProcedures.
The latest version in Ubuntu is tor 0.2.0.32-1 in Jaunty. I have filed a sync request for 0.2.0.33-1 at bug 321122.
If you are interested in having the latest version of tor in Ubuntu Hardy, please file a backport request as described at https://help.ubuntu.com/community/UbuntuBackports.