diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-08-27 11:16:44 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-08-27 11:19:29 -0400 |
| commit | b7c172c9ec762363562220a354feefc521970d7c (patch) | |
| tree | d4262db650b35abda2600b0fa284a7133882861f /changes/bug6710 | |
| parent | ce4add498f6af197a0e856d262825d547f898305 (diff) | |
| download | tor-b7c172c9ec762363562220a354feefc521970d7c.tar.gz tor-b7c172c9ec762363562220a354feefc521970d7c.zip | |
Disable extending to private/internal addresses by default
This is important, since otherwise an attacker can use timing info
to probe the internal network.
Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.
Fix for bug 6710; bugfix on all released versions of Tor.
Diffstat (limited to 'changes/bug6710')
| -rw-r--r-- | changes/bug6710 | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/changes/bug6710 b/changes/bug6710 new file mode 100644 index 0000000000..69a3c7ef40 --- /dev/null +++ b/changes/bug6710 @@ -0,0 +1,7 @@ + o Major bugfixes (security): + - Reject any attempt to extend to an internal address. Without + this fix, a router could be used to probe addresses on an + internal network to see whether they were accepting + connections. Fix for bug 6710; bugfix on all released versions + of Tor. + |