Opened 2 years ago

Closed 2 years ago

Last modified 13 months ago

#15601 closed defect (fixed)

Remote assert in hidden service client code

Reported by: nickm Owned by:
Priority: Very High Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: CVE-assigned, 2016-bug-retrospective
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

There is a remote assert in the HS client code, found by DonnCha. Details to follow; adding now so there is a bug number.

Child Tickets

Change History (5)

comment:2 Changed 2 years ago by yawning

  • Resolution set to fixed
  • Status changed from new to closed

Fixed in master, 0.2.6.7, 0.2.5.12 and 0.2.4.27, with tags and signed tarballs available for releases.

comment:3 Changed 2 years ago by weasel

  • Keywords CVE-assigned added

This is CVE-2015-2929

comment:4 Changed 14 months ago by nickm

  • Keywords 2016-bug-retrospective added

Marking for bug retrospective based on Priority.

comment:5 Changed 13 months ago by nickm

Mark more tickets for bug retrospective based on hand-review of changelogs from 0.2.5 onwards.

Note: See TracTickets for help on using tickets.