This bug was fixed in the package tor - 0.2.9.14-1ubuntu1~16.04.1

---------------
tor (0.2.9.14-1ubuntu1~16.04.1) xenial; urgency=medium

  [ Peter Palfrader ]
  * apparmor: use Pix instead of PUx for obfs4proxy, giving us
    better confinement of the child process while actually working
    with systemd's NoNewPrivileges.  (closes: #867342)
  * Do not rely on aa-exec and aa-enabled being in /usr/sbin in the
    SysV init script.  This change enables apparmor confinement
    on some system-V systems again.  (closes: #869153)
  * Update apparmor profile: replace CAP_DAC_OVERRIDE with
    CAP_DAC_READ_SEARCH to match the systemd capability bounding set
    changed with 0.3.0.4-rc-1.  This change will allow tor to start
    again under apparmor if hidden services are configured.
    Patch by intrigeri.  (closes: #862993)
  * Replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH in systemd's service
    capability bounding set.  Read access is sufficient for Tor (as root on
    startup) to check its onion service directories (see #847598).
  * Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor,
    causing all errors while switching to the new apparmor profile to
    be ignored.  This is not ideal, but for now it's probably the
    best solution. Thanks to intrigeri; closes: #880490.

  [ Simon Deziel ]
  * Backport 0.2.9.14 to 16.04 (LP: #1731698)
  * debian/rules: stop overriding micro-revision.i
  * debian/control: drop build-conflicts
  * debian/control: Limit the seccomp build-dependency to [amd64 i386 x32 armel 
armhf]
  * Resync with Debian Stretch

tor (0.2.9.14-1) stretch-security; urgency=medium

  * New upstream version, including among others:
    - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
      making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
      0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
      identifying and finding a workaround to this bug and to Moritz,
      Arthur Edelstein, and Roger for helping to track it down and
      analyze it.
    - Fix a denial of service bug where an attacker could use a
      malformed directory object to cause a Tor instance to pause while
      OpenSSL would try to read a passphrase from the terminal. (Tor
      instances run without a terminal, which is the case for most Tor
      packages, are not impacted.) Fixes bug 24246; bugfix on every
      version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
      Found by OSS-Fuzz as testcase 6360145429790720.
    - Fix a denial of service issue where an attacker could crash a
      directory authority using a malformed router descriptor. Fixes bug
      24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
      and CVE-2017-8820.
    - When checking for replays in the INTRODUCE1 cell data for a
      (legacy) onion service, correctly detect replays in the RSA-
      encrypted part of the cell. We were previously checking for
      replays on the entire cell, but those can be circumvented due to
      the malleability of Tor's legacy hybrid encryption. This fix helps
      prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
      0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
      and CVE-2017-8819.
    - Fix a use-after-free error that could crash v2 Tor onion services
      when they failed to open circuits while expiring introduction
      points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
      also tracked as TROVE-2017-013 and CVE-2017-8823.
    - When running as a relay, make sure that we never build a path
      through ourselves, even in the case where we have somehow lost the
      version of our descriptor appearing in the consensus. Fixes part
      of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
      as TROVE-2017-012 and CVE-2017-8822.

tor (0.2.9.13-1) stretch; urgency=medium

  * New upstream version:
    - update directory authority set

tor (0.2.9.12-1) stretch-security; urgency=medium

  * New upstream version:
    - CVE-2017-0380 (TROVE-2017-008): Stack disclosure in hidden services logs
      when SafeLogging disabled
    - other maintenance and security related fixes, see upstream changelog.

 -- Simon Deziel <si...@sdeziel.info>  Sun, 14 Jan 2018 14:17:46 -0500

** Changed in: tor (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8819

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8820

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8821

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8822

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8823

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1731698

Title:
  [SRU] Tor 0.2.9.14 and 0.3.0.13

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tor/+bug/1731698/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to