bug21018 576 B

1234567891011
  1. o Major bugfixes (parsing, security):
  2. - Fix a bug in parsing that could cause clients to read a single
  3. byte past the end of an allocated region. This bug could be
  4. used to cause hardened clients (built with
  5. --enable-expensive-hardening) to crash if they tried to visit
  6. a hostile hidden service. Non-hardened clients are only
  7. affected depending on the details of their platform's memory
  8. allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by
  9. using libFuzzer. Also tracked as TROVE-2016-12-002 and as
  10. CVE-2016-1254.