[tor-announce] Tor 0.2.2.39 is released
Roger Dingledine
arma at mit.edu
Sat Sep 15 11:12:08 UTC 2012
Tor 0.2.2.39 fixes two more opportunities for remotely triggerable
assertions.
https://www.torproject.org/download/download
Changes in version 0.2.2.39 - 2012-09-11
o Security fixes:
- Fix an assertion failure in tor_timegm() that could be triggered
by a badly formatted directory object. Bug found by fuzzing with
Radamsa. Fixes bug 6811; bugfix on 0.2.0.20-rc.
- Do not crash when comparing an address with port value 0 to an
address policy. This bug could have been used to cause a remote
assertion failure by or against directory authorities, or to
allow some applications to crash clients. Fixes bug 6690; bugfix
on 0.2.1.10-alpha.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-announce/attachments/20120915/c13689f7/attachment.pgp>
More information about the tor-announce
mailing list