Anzeigen der neuesten Beiträge
0 Mitglieder und 3 Gäste betrachten dieses Thema.
2012-06-08 Advanced Onion Router 0.3.0.9- [tor-0.2.2.35] Change IP address for maatuska (v3 directory authority).- [tor-0.2.2.35] Change IP address for ides (v3 directory authority), and rename it to turtles.- [tor-0.2.2.35] When building or running with any version of OpenSSL earlier than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL versions have a bug (CVE-2011-4576) in which their block cipher padding includes uninitialized data, potentially leaking sensitive information to any peer with whom they make a SSLv3 connection. Tor does not use SSL v3 by default, but a hostile client or server could force an SSLv3 connection in order to gain information that they shouldn't have been able to get. The best solution here is to upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building or running with a non-upgraded OpenSSL, we disable SSLv3 entirely to make sure that the bug can't happen.- [tor-0.2.2.35] Never use a bridge or a controller-supplied node as an exit, even if its exit policy allows it. Found by wanoskarnet. Fixes bug 5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors) and 0.2.0.3-alpha (for bridge-purpose descriptors).- [tor-0.2.2.35] Only build circuits if we have a sufficient threshold of the total descriptors that are marked in the consensus with the "Exit" flag. This mitigates an attack proposed by wanoskarnet, in which all of a client's bridges collude to restrict the exit nodes that the client knows about. Fixes bug 5343.- [tor-0.2.2.35] Provide controllers with a safer way to implement the cookie authentication mechanism. With the old method, if another locally running program could convince a controller that it was the Tor process, then that program could trick the contoller into telling it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE" authentication method uses a challenge-response approach to prevent this attack. Fixes bug 5185; implements proposal 193.- [tor-0.2.2.35] Avoid logging uninitialized data when unable to decode a hidden service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha.- [tor-0.2.2.35] Avoid a client-side assertion failure when receiving an INTRODUCE2 cell on a general purpose circuit. Fixes bug 5644; bugfix on 0.2.1.6-alpha.- [tor-0.2.2.35] Fix the SOCKET_OK test that we use to tell when socket creation fails so that it works on Win64. Fixes part of bug 4533; bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.- [tor-0.2.2.35] Reject out-of-range times like 23:59:61 in parse_rfc1123_time(). Fixes bug 5346; bugfix on 0.0.8pre3.- [tor-0.2.2.35] Make our number-parsing functions always treat too-large values as an error, even when those values exceed the width of the underlying type. Previously, if the caller provided these functions with minima or maxima set to the extreme values of the underlying integer type, these functions would return those values on overflow rather than treating overflow as an error. Fixes part of bug 5786; bugfix on 0.0.9.- [tor-0.2.2.35] Correct parsing of certain date types in parse_http_time(). Without this patch, If-Modified-Since would behave incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from Esteban Manchado Velazques.- [tor-0.2.2.35] Change the BridgePassword feature (part of the "bridge community" design, which is not yet implemented) to use a time-independent comparison. The old behavior might have allowed an adversary to use timing to guess the BridgePassword value. Fixes bug 5543; bugfix on 0.2.0.14-alpha.- [tor-0.2.2.35] Detect and reject certain misformed escape sequences in configuration values. Previously, these values would cause us to crash if received in a torrc file or over an authenticated control port. Bug found by Esteban Manchado Velazquez, and independently by Robert Connolly from Matta Consulting who further noted that it allows a post-authentication heap overflow. Patch by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668); bugfix on 0.2.0.16-alpha.- [tor-0.2.2.35] When sending an HTTP/1.1 proxy request, include a Host header. Fixes bug 5593; bugfix on 0.2.2.1-alpha.- [tor-0.2.2.35] Fix a NULL-pointer dereference on a badly formed SETCIRCUITPURPOSE command. Found by mikeyc. Fixes bug 5796; bugfix on 0.2.2.9-alpha.- [tor-0.2.2.35] If we hit the error case where routerlist_insert() replaces an existing (old) server descriptor, make sure to remove that server descriptor from the old_routers list. Fix related to bug 1776. Bugfix on 0.2.2.18-alpha.- [tor-0.2.2.35] Directory authorities now reject versions of Tor older than 0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha inclusive. These versions accounted for only a small fraction of the Tor network, and have numerous known security issues. Resolves issue 4788.- [tor-0.2.2.35] Feature removal: When sending or relaying a RELAY_EARLY cell, we used to convert it to a RELAY cell if the connection was using the v1 link protocol. This was a workaround for older versions of Tor, which didn't handle RELAY_EARLY cells properly. Now that all supported versions can handle RELAY_EARLY cells, and now that we're enforcing the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule, remove this workaround. Addresses bug 4786.- geoip_c.h was updated with GeoIPCountryWhois.csv released on June 6th- updated language strings: 3085, 3086, 3205, 3206, 3207, 3208
6 Changes in version 0.2.2.37 - 2012-06-06 7 Tor 0.2.2.37 introduces a workaround for a critical renegotiation 8 bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself 9 currently). 10 11 o Major bugfixes: 12 - Work around a bug in OpenSSL that broke renegotiation with TLS 13 1.1 and TLS 1.2. Without this workaround, all attempts to speak 14 the v2 Tor connection protocol when both sides were using OpenSSL 15 1.0.1 would fail. Resolves ticket 6033. 16 - When waiting for a client to renegotiate, don't allow it to add 17 any bytes to the input buffer. This fixes a potential DoS issue. 18 Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc. 19 - Fix an edge case where if we fetch or publish a hidden service 20 descriptor, we might build a 4-hop circuit and then use that circuit 21 for exiting afterwards -- even if the new last hop doesn't obey our 22 ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha. 23 24 o Minor bugfixes: 25 - Fix a build warning with Clang 3.1 related to our use of vasprintf. 26 Fixes bug 5969. Bugfix on 0.2.2.11-alpha. 27 28 o Minor features: 29 - Tell GCC and Clang to check for any errors in format strings passed 30 to the tor_v*(print|scan)f functions.
Tor 0.2.2.38 fixes a rare race condition that can crash exit relays; fixes a remotely triggerable crash bug; and fixes a timing attack that could in theory leak path information.o Security fixes:- Avoid read-from-freed-memory and double-free bugs that could occur when a DNS request fails while launching it. Fixes bug 6480; bugfix on 0.2.0.1-alpha.- Avoid an uninitialized memory read when reading a vote or consensus document that has an unrecognized flavor name. This read could lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha.- Try to leak less information about what relays a client is choosing to a side-channel attacker. Previously, a Tor client would stop iterating through the list of available relays as soon as it had chosen one, thus finishing a little earlier when it picked a router earlier in the list. If an attacker can recover this timing information (nontrivial but not proven to be impossible), they could learn some coarse-grained information about which relays a client was picking (middle nodes in particular are likelier to be affected than exits). The timing attack might be mitigated by other factors (see bug 6537 for some discussion), but it's best not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1.
Autor
Thema: Neue Tor-Version: sicherer und anonymer (Gelesen 73533 mal)
