diff options
| author | George Kadianakis <desnacked@riseup.net> | 2021-05-18 17:06:57 +0300 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2021-06-10 12:11:10 -0400 |
| commit | f57b5c48e0aa01acd84a194fe4657a0d1cee04cf (patch) | |
| tree | f6a7d1fd08a131fef7bda34e919982635916c21b /changes | |
| parent | adb248b6d6e0779719e6b873ee12a1e22fa390f4 (diff) | |
| download | tor-f57b5c48e0aa01acd84a194fe4657a0d1cee04cf.tar.gz tor-f57b5c48e0aa01acd84a194fe4657a0d1cee04cf.zip | |
Fix TROVE-2021-006: Out-of-bounds read on v3 desc parsing
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug40392 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/changes/bug40392 b/changes/bug40392 new file mode 100644 index 0000000000..4dffa50bb2 --- /dev/null +++ b/changes/bug40392 @@ -0,0 +1,4 @@ + o Major bugfixes (security, denial of service, onion services): + - Fix an out-of-bounds memory access in v3 descriptor parsing. Fixes bug + 40392; bugfix on 0.3.0.1-alpha. This issue is also tracked as + TROVE-2021-006. Reported by Sergei Glazunov from Google's Project Zero.
\ No newline at end of file |