Latest Tor Bug Fixes

Discussion in 'Computer Security' started by traveler 66, Dec 17, 2006.

  1. traveler 66

    traveler 66 Guest

    Tor 0.1.1.26 fixes a serious privacy bug for people who use the
    HttpProxyAuthenticator config option: Tor would send your proxy auth
    directly to the directory server when you're tunnelling directory
    requests through Tor. Specifically, this happens when publishing or
    accessing hidden services, or when you have set FascistFirewall or
    ReachableAddresses and you're accessing a directory server that's not
    reachable directly.

    The OS X stable bundles now also feature a new Vidalia version (0.0.9)
    and a new Privoxy version (3.0.6).

    http://tor.eff.org/download.html

    If you use HttpProxyAuthenticator, we recommend you switch to 0.1.1.26
    or stop using it for now. The upcoming 0.1.2.5-alpha (not yet finished)
    will have this bugfix too. For people running 0.1.0.x who absolutely
    cannot upgrade, here's your patch:
    http://archives.seul.org/or/cvs/Dec-2006/msg00098.html

    Changes in version 0.1.1.26 - 2006-12-14
    o Security bugfixes:
    - Stop sending the HttpProxyAuthenticator string to directory
    servers when directory connections are tunnelled through Tor.
    - Clients no longer store bandwidth history in the state file.
    - Do not log introduction points for hidden services if SafeLogging
    is set.

    o Minor bugfixes:
    - Fix an assert failure when a directory authority sets
    AuthDirRejectUnlisted and then receives a descriptor from an
    unlisted router (reported by seeess).
     
    traveler 66, Dec 17, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Labiodental Fricative

    Heads UP! Possible Huge TOR Bug Discovered

    Labiodental Fricative, Aug 16, 2006, in forum: Computer Security
    Replies:
    4
    Views:
    3,444
    fatal.serpent
    Aug 17, 2006
  2. George Orwell

    Heads UP! Possible Huge TOR Bug Discovered

    George Orwell, Aug 18, 2006, in forum: Computer Security
    Replies:
    1
    Views:
    426
    Borked Pseudo Mailed
    Aug 19, 2006
  3. George Orwell

    Heads UP! Possible Huge TOR Bug Discovered

    George Orwell, Aug 19, 2006, in forum: Computer Security
    Replies:
    6
    Views:
    740
    zatoichi
    Aug 20, 2006
  4. TwistyCreek

    More Tor bug updates

    TwistyCreek, Aug 29, 2006, in forum: Computer Security
    Replies:
    0
    Views:
    485
    TwistyCreek
    Aug 29, 2006
  5. Stickems.

    New version of Zone Alarm fixes bug.

    Stickems., Jul 26, 2006, in forum: Computer Support
    Replies:
    1
    Views:
    392
    ftran999
    Jul 26, 2006
Loading...

Share This Page