-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 18 Jun 2021 10:27:26 +0200 Source: tor Binary: tor-geoipdb Architecture: all Version: 0.3.5.15-1 Distribution: buster-security Urgency: medium Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Peter Palfrader Description: tor-geoipdb - GeoIP database for Tor Closes: 990000 Changes: tor (0.3.5.15-1) buster-security; urgency=medium . * New upstream version, fixing several (security) issues (closes: #990000). For a full list see the upstream changelog. It includes: - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it. Bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021- 003 and CVE-2021-34548. - Detect more failure conditions from the OpenSSL RNG code. Previously, we would detect errors from a missing RNG implementation, but not failures from the RNG code itself. Fortunately, it appears those failures do not happen in practice when Tor is using OpenSSL's default RNG implementation. Bugfix on 0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004. Reported by Jann Horn at Google's Project Zero. - Resist a hashtable-based CPU denial-of-service attack against relays. Previously we used a naive unkeyed hash function to look up circuits in a circuitmux object. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now we use a SipHash construction here instead. Bugfix on 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and CVE-2021-34549. Reported by Jann Horn from Google's Project Zero. - Fix an out-of-bounds memory access in v3 onion service descriptor parsing. An attacker could exploit this bug by crafting an onion service descriptor that would crash any client that tried to visit it. Bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei Glazunov from Google's Project Zero. Checksums-Sha1: f9620eb239d9ad884ca21b3a26e19ba4b048237a 1329096 tor-geoipdb_0.3.5.15-1_all.deb c24d7f88e2ed97f2d296815e6a5a15d04f0ba701 6730 tor_0.3.5.15-1_all.buildinfo Checksums-Sha256: 600b4b66c887d7791c4a9f8d76f24ab7256f7e0a4d3d997b3da03e7f651dcedd 1329096 tor-geoipdb_0.3.5.15-1_all.deb ca7346112b95ffe7dd00e012d5b4d71083b7576ae8fb58ca88f12a56cca2bf79 6730 tor_0.3.5.15-1_all.buildinfo Files: 3cdfcb4974dbbbd62e832ae6adce1059 1329096 net extra tor-geoipdb_0.3.5.15-1_all.deb 68121dce4633048b46a2191c95929474 6730 net optional tor_0.3.5.15-1_all.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEqQcRQHTGP4qt3opGks26TWZ8cfMFAmDMZQoACgkQks26TWZ8 cfP7lQ//dccKgPXloOIckvLWOKSVEm4bK0hJ+OTd94MdsxyvqO6IYzrrM2hRXZjn HAOWMuNkUB+PvhMjd0zNdSKAhLw6+C4/uK5EsaVX6rgSPzqGhfKlJA5XKyve/mnw FLwKdAvd+JRfoEGeTCmA8M5YOe8RvM/ghVggBBr5oO4kGHH6gDjPzSk26Q32/W5g Ph8podhI108lAwGIq+UA8bhhNkO0Jr08/SxNaG/uoCsmtB3gt5oK83/mLsL2e99N WKUbLOdiOgZI9HfUCwrNEp57czXq0Gx5lOF2NvJXbrUwhnezfA2BJKEZlkubQfqW g4Aj3TpPHf3wrtNums5MKbnvrK5Ddn6cowknH5k/8qAipvQ9vmxzPLawYOh4T/RY UfFelS/TARx76ZEjm7miwYjvMmMfs0f/uuGhhHoAPLSQKSurp2yT8/SsYvyVPqgn uPadIZfl2rVjDHQvHShSkmFScnNs6227s71uKTW7Tc18nRPom+pPnkTMRjripyyc J8951FHL2ds4lXqeCZ5fGAftT4wGI3rv4VnG3c2hi6NvuYGViToETdZIU3JgBDK5 nIokRELWdHmlCWIrBEduCDqupn17GJHjQwAlhuS32Oq8RLbVfew3g1hFV/qSgthm QqUwgDNYtpBbPFYcYsMKpuDPkDxVMDtPity+E7m29vvBToX1iCE= =c7Af -----END PGP SIGNATURE-----