bug30040 602 Bytes
Newer Older
1
2
3
4
5
6
7
8
9
  o Minor bugfixes (security):
    - Fix a potential double free bug when reading huge bandwidth files. The
      issue is not exploitable in the current Tor network because the
      vulnerable code is only reached when directory authorities read bandwidth
      files, but bandwidth files come from a trusted source (usually the
      authorities themselves). Furthermore, the issue is only exploitable in
      rare (non-POSIX) 32-bit architectures which are not used by any of the
      current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found
      and fixed by Tobias Stoeckmann.