group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1662548] Re: tor 0.2.7.6-1ubuntu1 has memory-access severe bug TROVE-2016-10-001

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Robie Basak <1662548@xxxxxxxxxxxxxxxxxx>
Date: Mon, 10 Apr 2017 12:47:33 -0000
Reply-to: Bug 1662548 <1662548@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Zesty has 0.2.9.10-1ubuntu1. I think this might mean that this issue is
fixed in Zesty? It isn't clear to me.

** Also affects: tor (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: tor (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: tor (Ubuntu Yakkety)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1662548

Title:
  tor 0.2.7.6-1ubuntu1 has memory-access severe bug TROVE-2016-10-001

Status in Tor:
  Unknown
Status in tor package in Ubuntu:
  Confirmed
Status in tor source package in Trusty:
  New
Status in tor source package in Xenial:
  New
Status in tor source package in Yakkety:
  New

Bug description:
  A buffer overrun can crash Tor 0.2.4.27 (trusty), 0.2.7.6 (xenial),
  0.2.8.8 (yakkety) causing d-o-s.

  Tor treats "the contents of a buffer chunk as if they were a NUL-
  terminated string. At least one such bug seems to be present in all
  currently used versions of Tor, and would allow an attacker to
  remotely crash most Tor instances, especially those compiled with
  extra compiler hardening."

To manage notifications about this bug go to:
https://bugs.launchpad.net/tor/+bug/1662548/+subscriptions