[or-cvs] The reading-arbitrary-memory bug in June had a CVE too
Peter Palfrader
weasel at seul.org
Wed Jan 25 12:26:23 UTC 2006
Update of /home/or/cvsroot/tor/debian
In directory moria:/tmp/cvs-serv28636/debian
Modified Files:
changelog
Log Message:
The reading-arbitrary-memory bug in June had a CVE too
Index: changelog
===================================================================
RCS file: /home/or/cvsroot/tor/debian/changelog,v
retrieving revision 1.154
retrieving revision 1.155
diff -u -p -d -r1.154 -r1.155
--- changelog 25 Jan 2006 12:19:23 -0000 1.154
+++ changelog 25 Jan 2006 12:26:21 -0000 1.155
@@ -202,7 +202,8 @@ tor (0.0.9.10-1) unstable; urgency=high
upload of the 0.0.9.x tree:
- Refuse relay cells that claim to have a length larger than the
maximum allowed. This prevents a potential attack that could read
- arbitrary memory (e.g. keys) from an exit server's process.
+ arbitrary memory (e.g. keys) from an exit server's process
+ (CVE-2005-2050).
-- Peter Palfrader <weasel at debian.org> Thu, 16 Jun 2005 22:56:11 +0200
More information about the tor-commits
mailing list