Opened 3 years ago

Closed 3 years ago

Last modified 18 months ago

#15601 closed defect (fixed)

Remote assert in hidden service client code

Reported by: nickm Owned by:
Priority: Very High Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: CVE-assigned, 2016-bug-retrospective
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

There is a remote assert in the HS client code, found by DonnCha. Details to follow; adding now so there is a bug number.

Child Tickets

Change History (5)

comment:1 Changed 3 years ago by nickm

7b5f558da4542ecce992a8bdb65851fd4a1713bc and dc3cb0008085d173800724304573dc4ed341c793 have the fix.

comment:2 Changed 3 years ago by yawning

Resolution: fixed
Status: newclosed

Fixed in master, 0.2.6.7, 0.2.5.12 and 0.2.4.27, with tags and signed tarballs available for releases.

comment:3 Changed 3 years ago by weasel

Keywords: CVE-assigned added

This is CVE-2015-2929

comment:4 Changed 18 months ago by nickm

Keywords: 2016-bug-retrospective added

Marking for bug retrospective based on Priority.

comment:5 Changed 18 months ago by nickm

Mark more tickets for bug retrospective based on hand-review of changelogs from 0.2.5 onwards.

Note: See TracTickets for help on using tickets.