From 49ddd92c115c6943c4602d44f52c22b6f47698e8 Mon Sep 17 00:00:00 2001 From: Yawning Angel Date: Mon, 30 Mar 2015 21:53:39 +0000 Subject: Validate the RSA key size received when parsing INTRODUCE2 cells. Fixes bug 15600; reported by skruffy --- changes/bug15600 | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changes/bug15600 (limited to 'changes') diff --git a/changes/bug15600 b/changes/bug15600 new file mode 100644 index 0000000000..ee1d6cfe19 --- /dev/null +++ b/changes/bug15600 @@ -0,0 +1,5 @@ + o Major bugfixes (security, hidden service): + - Fix an issue that would allow a malicious client to trigger + an assertion failure and halt a hidden service. Fixes + bug 15600; bugfix on 0.2.1.6-alpha. Reported by "skruffy". + -- cgit v1.2.3-54-g00ecf From 7451b4cafededa95da0099ea2444224d941eef52 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 6 Apr 2015 09:24:16 -0400 Subject: Changes file for bug15601 --- changes/bug15601 | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 changes/bug15601 (limited to 'changes') diff --git a/changes/bug15601 b/changes/bug15601 new file mode 100644 index 0000000000..2cc880af7f --- /dev/null +++ b/changes/bug15601 @@ -0,0 +1,4 @@ + o Major bugfixes (security, hidden service): + - Fix a bug that could cause a client to crash with an assertion + failure when parsing a malformed hidden service descriptor. + Fixes bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnCha". -- cgit v1.2.3-54-g00ecf