FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
c1dc55dc-9556-11e6-b154-3065ec8fd3ecTor -- remote denial of service

The Tor Blog reports:

Prevent a class of security bugs caused by treating the contents of a buffer chunk as if they were a NUL-terminated string. At least one such bug seems to be present in all currently used versions of Tor, and would allow an attacker to remotely crash most Tor instances, especially those compiled with extra compiler hardening. With this defense in place, such bugs can't crash Tor, though we should still fix them as they occur. Closes ticket 20384 (TROVE-2016-10-001).


Discovery 2016-10-17
Entry 2016-10-18
tor
< 0.2.8.9

tor-devel
< 0.2.9.4-alpha

https://blog.torproject.org/blog/tor-0289-released-important-fixes