[tor-bugs] #7277 [Tor bundles/installation]: timestamp leaked in TLS client hello
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Oct 31 20:20:06 UTC 2013
#7277: timestamp leaked in TLS client hello
------------------------------------------+--------------------------------
Reporter: proper | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor bundles/installation | Version:
Resolution: | Keywords: tor-client
Actual Points: | Parent ID: #9767
Points: |
------------------------------------------+--------------------------------
Changes (by nickm):
* component: Tor => Tor bundles/installation
Comment:
OpenSSL has merged my openssl patches. Later versions of 1.0.1 and later
will have gmt_unix_time off by default.
To get this patch before 1.0.1f comes out (and who knows when that will
be), just use my
https://github.com/nmathewson/openssl/tree/no_gmt_unix_time branch. It has
a few patches on top of 1.0.1e.
To get the OpenSSL people to release 1.0.1f, the historically most
reliable method has been to discover a new vulnerability. ;)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7277#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list