[tor-bugs] #31101 [Circumvention/Snowflake]: Update websocket version in snowflake proxy
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 8 14:56:00 UTC 2019
#31101: Update websocket version in snowflake proxy
-------------------------------------+---------------------------
Reporter: cohosh | Owner: cohosh
Type: defect | Status: assigned
Priority: Medium | Milestone:
Component: Circumvention/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points: .3
Reviewer: | Sponsor: Sponsor28
-------------------------------------+---------------------------
Description changed by cohosh:
Old description:
> We should update the node websocket dependency to a newer version.
>
> This involves editing `package.json` to require the newer version, and
> testing the result to make sure the proxy code still performs as
> expected.
New description:
We should update the node websocket dependency to a newer version.
This involves editing `package.json` to require the newer version, and
testing the result to make sure the proxy code still performs as expected.
This is to defend against a reported DoS vulnerability:
https://github.com/websockets/ws/commit/c4fe46608acd61fbf7397eadc47378903f95b78a
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31101#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list