Opened 3 years ago

Closed 3 years ago

Last modified 2 years ago

#15600 closed defect (fixed)

Remote assert in hidden service code

Reported by: nickm Owned by:
Priority: Very High Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: CVE-assigned, 2016-bug-retrospective
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by nickm)

There is a remote assert in the HS server code, reported by disgleirio. Adding this ticket now so that we have a bug number. More info to follow.

Child Tickets

Change History (8)

comment:1 Changed 3 years ago by nickm

49ddd92c115c6943c4602d44f52c22b6f47698e8

comment:2 Changed 3 years ago by nickm

Description: modified (diff)

comment:3 Changed 3 years ago by nickm

whoops, wrong pseudonym in original comment.

comment:4 Changed 3 years ago by yawning

Fixed in master, 0.2.6.7, 0.2.5.12 and 0.2.4.27, with tags and signed tarballs available for releases.

comment:5 Changed 3 years ago by yawning

Resolution: fixed
Status: newclosed

comment:6 Changed 3 years ago by weasel

Keywords: CVE-assigned added

This is CVE-2015-2928

comment:7 Changed 2 years ago by nickm

Keywords: 2016-bug-retrospective added

Marking for bug retrospective based on Priority.

comment:8 Changed 2 years ago by nickm

Mark more tickets for bug retrospective based on hand-review of changelogs from 0.2.5 onwards.

Note: See TracTickets for help on using tickets.