Ubuntu
tor package

Comment 10 for bug 1039560

Revision history for this message

In Gentoo Bugzilla #432188, Glsamaker (glsamaker) wrote on 2012-08-27:

#10

CVE-2012-3519 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3519):
  routerlist.c in Tor before 0.2.2.38 uses a different amount of time for
  relay-list iteration depending on which relay is chosen, which might allow
  remote attackers to obtain sensitive information about relay selection via a
  timing side-channel attack.

CVE-2012-3518 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3518):
  The networkstatus_parse_vote_from_string function in routerparse.c in Tor
  before 0.2.2.38 does not properly handle an invalid flavor name, which
  allows remote attackers to cause a denial of service (out-of-bounds read and
  daemon crash) via a crafted (1) vote document or (2) consensus document.

CVE-2012-3517 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3517):
  Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow
  remote attackers to cause a denial of service (daemon crash) via vectors
  related to failed DNS requests.

Ubuntutor package

Comment 10 for bug 1039560

Ubuntu
tor package