← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1662548] Re: tor 0.2.7.6-1ubuntu1 has memory-access severe bug TROVE-2016-10-001

 

** Changed in: tor (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1662548

Title:
  tor 0.2.7.6-1ubuntu1 has memory-access severe bug TROVE-2016-10-001

Status in Tor:
  Unknown
Status in tor package in Ubuntu:
  Fix Released
Status in tor source package in Trusty:
  Confirmed
Status in tor source package in Xenial:
  Fix Released
Status in tor source package in Yakkety:
  Confirmed

Bug description:
  A buffer overrun can crash Tor 0.2.4.27 (trusty), 0.2.7.6 (xenial),
  0.2.8.8 (yakkety) causing d-o-s.

  Tor treats "the contents of a buffer chunk as if they were a NUL-
  terminated string. At least one such bug seems to be present in all
  currently used versions of Tor, and would allow an attacker to
  remotely crash most Tor instances, especially those compiled with
  extra compiler hardening."

To manage notifications about this bug go to:
https://bugs.launchpad.net/tor/+bug/1662548/+subscriptions