[tor-bugs] #20894 [Core Tor/Tor]: Fix known instance of TROVE-2016-10-001
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Dec 5 23:35:40 UTC 2016
#20894: Fix known instance of TROVE-2016-10-001
------------------------------+------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.???
Component: Core Tor/Tor | Version: Tor: unspecified
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: 0.5 | Reviewer:
Sponsor: |
------------------------------+------------------------------
Since we're releasing the fuzzing code (#20893) that reveals the
underlying bug in #20384, we should also fix that bug.
It's entirely safe to fix the bug in 0.3.0, because the mitigation applied
in #20384 works.
When we fix it, we should credit:
Discovered by fuzzing using afl: http://lcamtuf.coredump.cx/afl/
It would be nice to email the maintainer with this ticket number and let
them know, so they can add it to their gallery.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20894>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list