[tor-bugs] #4788 [Tor Directory Authority]: Reject all relays and bridges running 0.2.0.x

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Dec 29 16:52:29 UTC 2011

#4788: Reject all relays and bridges running 0.2.0.x
 Reporter:  rransom                  |          Owner:                    
     Type:  defect                   |         Status:  needs_review      
 Priority:  major                    |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Directory Authority  |        Version:                    
 Keywords:                           |         Parent:                    
   Points:                           |   Actualpoints:                    

Comment(by nickm):

 Since I don't currently have a reason to reject through (other than "there are not many of them!"), I am going to say
 "no" on that one, and go with the approach from my bug4788 branch.

 So the rejected versions are just going to be "everything that suffers
 from CVE-2011-0427".  That is,

   * Everything ''before''  [So is the first allowed
   * Everything from through (inclusive). [So is the first allowed 0.2.2.x version.]

 Also, I've merged the bug4788 branch into the repo.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4788#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list