issue-2011-10-19L 1.4 KB

12345678910111213141516171819202122232425262728
  1. o Security fixes:
  2. - Don't send TLS certificate chains on outgoing OR connections
  3. from clients and bridges. Previously, each client or bridge
  4. would use a single cert chain for all outgoing OR connections
  5. for up to 24 hours, which allowed any relay connected to by a
  6. client or bridge to determine which entry guards it is using.
  7. This is a potential user-tracing bug for *all* users; everyone
  8. who uses Tor's client or hidden service functionality should
  9. upgrade. Fixes CVE-2011-2768. Bugfix on FIXME; found by
  10. frosty_un.
  11. - Don't use any OR connection on which we have received a
  12. CREATE_FAST cell to satisfy an EXTEND request. Previously, we
  13. would not consider whether a connection appears to be from a
  14. client or bridge when deciding whether to use that connection to
  15. satisfy an EXTEND request. Mitigates CVE-2011-2768, by
  16. preventing an attacker from determining whether an unpatched
  17. client is connected to a patched relay. Bugfix on FIXME; found
  18. by frosty_un.
  19. - Don't assign the Guard flag to relays running a version of Tor
  20. which would use an OR connection on which it has received a
  21. CREATE_FAST cell to satisfy an EXTEND request. Mitigates
  22. CVE-2011-2768, by ensuring that clients will not connect
  23. directly to any relay which an attacker could probe for an
  24. unpatched client's connections.