[tor-bugs] #32672 [Core Tor/Tor]: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Feb 19 16:52:21 UTC 2020
#32672: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
-------------------------------------------------+-------------------------
Reporter: teor | Owner: neel
Type: task | Status: merge_ready
Priority: Medium | Milestone: Tor: 0.4.4.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: 044-should, 043-backport, 041-backport, 042-backport, consider-backport-after-authority-test, fast-fix, network-health | Actual Points:
Parent ID: | Points: 0.5
Reviewer: teor | Sponsor:
-------------------------------------------------+-------------------------
Comment (by nickm):
Gk asks:
> nickm: assuming we want to have this in 0.4.4, what is the latest date we
> need to make a decision here (not taking into account that the new
> 0.4.4/older versions with a backported patch need to get released and
> deployed first)? (That is: how much time do we have left to think about
> the potential impact on relay bandwidth/diversity etc. and try different
> means to reach affected operators?)
Our feature freeze date for 0.4.4 is May 15, but I would like to have
these versions off the network sooner than that if we can.
I think we should aim to contact the affected relay operators soon, and
measure what effect that has. If it helps, we can try doing it more --
but it may be that we don't see much effect, and the right thing to do is
just to disable these versions.
Teor notes:
> If we patch any security issues, we won't patch 0.2.9 or 0.4.0. If we
> decide that a security fix is required, we might need to reject them
> straight after the release of that fix. We don't really control the timing
> of security fixes.
Right, and the kind of security bug that we run into is important. If
(heaven forbid) we find an RCE issue, or a memory exposure issue, we'll
need everybody to upgrade asap, with no delays, and no excuses. If we run
into a remote crash or CPU DoS issue, then we still want everybody to
upgrade, since the issue would have potential to make traffic analysis
easier, but it wouldn't be under ''as much'' time pressure as a critical-
severity issue would be.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32672#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online