20607 2009-06-26 21:28:58 +0400 Tor DNS Spoofing and Denial of Service Vulnerabilities: CVE-2009-2425, CVE-2009-2426 2009-07-13 11:48:21 +0400 1 1 4 Development Sisyphus tor unstable all Linux CLOSED FIXED http://archives.seul.org/or/announce/Jun-2009/msg00000.html security P3 normal --- 1 crux rider rider qa-sisyphus oldest_to_newest 93815 0 crux 2009-06-26 21:28:58 +0400 Changes in version 0.2.0.35 - 2009-06-24 o Security fix: - Avoid crashing in the presence of certain malformed descriptors. Found by lark, and by automated fuzzing. - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta. ... 93967 1 svd 2009-06-30 16:01:43 +0400 Version in Sisyphus is updated to 0.2.0.35-alt2