#33545: assertion failure when "all zero" client auth key provided --------------------------+---------------------------------------- Reporter: mcs | Owner: (none) Type: defect | Status: closed Priority: High | Milestone: Tor: 0.4.3.x-final Component: Core Tor/Tor | Version: Tor: 0.4.4.0-alpha-dev Severity: Normal | Resolution: duplicate Keywords: 043-should | Actual Points: Parent ID: | Points: Reviewer: asn | Sponsor: --------------------------+----------------------------------------
Comment (by nickm): Right. There's another issue too: a big part of our investigation was to find out whether any other parts of our code might have another instance of this bug that could have been triggered _without_ authenticated control port access. We looked hard and didn't find any such instances, but if we had, then TROVE-2020-003 would have been a higher severity, and would not have been a duplicate of this issue. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33545#comment:9> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs