Back to tor PTS page

Accepted tor (source) into unstable

Hash: SHA256

Format: 1.8
Date: Fri, 18 Jun 2021 11:06:56 +0200
Source: tor
Architecture: source
Distribution: unstable
Urgency: medium
Maintainer: Peter Palfrader <>
Changed-By: Peter Palfrader <>
Closes: 990000
 tor ( unstable; urgency=medium
   * New upstream version, fixing several (security) issues (closes: #990000).
      For a full list see the upstream changelog.  It includes:
     - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
       half-closed streams. Previously, clients failed to validate which
       hop sent these cells: this would allow a relay on a circuit to end
       a stream that wasn't actually built with it.
       Bugfix on This issue is also tracked as TROVE-2021-
       003 and CVE-2021-34548.
     - Detect more failure conditions from the OpenSSL RNG code.
       Previously, we would detect errors from a missing RNG
       implementation, but not failures from the RNG code itself.
       Fortunately, it appears those failures do not happen in practice
       when Tor is using OpenSSL's default RNG implementation.
       Bugfix on This issue is also tracked as
       TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
     - Resist a hashtable-based CPU denial-of-service attack against
       relays. Previously we used a naive unkeyed hash function to look
       up circuits in a circuitmux object. An attacker could exploit this
       to construct circuits with chosen circuit IDs, to create
       collisions and make the hash table inefficient. Now we use a
       SipHash construction here instead. Bugfix on This issue is also tracked as TROVE-2021-005 and
       CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.
     - Fix an out-of-bounds memory access in v3 onion service descriptor
       parsing. An attacker could exploit this bug by crafting an onion
       service descriptor that would crash any client that tried to visit
       it. Bugfix on This issue is also
       tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei
       Glazunov from Google's Project Zero.
 1bd9747927a1ac82ad3764d3174a1ab041e3a119 1961 tor_0.4.5.9-1.dsc
 adbfefa54a23c6e7418561bd042442ee6fc50bfc 7840294 tor_0.4.5.9.orig.tar.gz
 ba16729930e9435a0dbb61cf2096da4632ca1df4 53060 tor_0.4.5.9-1.diff.gz
 ec32b3bdb191945168defaac1c52b102959e90bce59314dff8d27c3758918489 1961 tor_0.4.5.9-1.dsc
 f304e456102ed26c39e5f16ece2115585398cdb4e67455139c86ea43cdf70856 7840294 tor_0.4.5.9.orig.tar.gz
 a47e415414d32a3cee0c45ca86ba5531f4e952422f2cd7c218f7755776f78449 53060 tor_0.4.5.9-1.diff.gz
 a36bdc1df5a25a017df13e17c5dcacab 1961 net optional tor_0.4.5.9-1.dsc
 103c96c9d553e34c0ae25dd0cb587b04 7840294 net optional tor_0.4.5.9.orig.tar.gz
 ee016a401fa3483e35674d41146ad744 53060 net optional tor_0.4.5.9-1.diff.gz