Kev tso tawm ntawm Tor 0.4.6.5 toolkit, siv los teeb tsa kev ua haujlwm ntawm Tor network tsis qhia npe, tau nthuav tawm. Tor version 0.4.6.5 tau lees paub tias yog thawj qhov kev tso tawm ruaj khov ntawm 0.4.6 ceg, uas tau txhim kho rau tsib lub hlis dhau los. 0.4.6 ceg yuav raug tswj raws li ib feem ntawm lub voj voog tu ib txwm - kev hloov tshiab yuav raug txiav tawm tom qab 9 lub hlis lossis 3 lub hlis tom qab tso tawm ntawm 0.4.7.x ceg. Kev txhawb nqa mus sij hawm ntev (LTS) yog muab rau 0.3.5 ceg, hloov tshiab uas yuav raug tso tawm kom txog rau thaum Lub Ob Hlis 1, 2022. Nyob rau tib lub sijhawm, Tor tso tawm 0.3.5.15, 0.4.4.9 thiab 0.4.5.9 tau tsim, uas tshem tawm DoS qhov tsis zoo uas tuaj yeem ua rau tsis lees txais kev pabcuam rau cov neeg siv khoom dos cov kev pabcuam thiab cov xa tawm.
Cov kev hloov loj:
- Ntxiv lub peev xwm los tsim cov kev pabcuam dos raws li qhov thib peb version ntawm cov txheej txheem nrog kev lees paub ntawm cov neeg siv khoom nkag los ntawm cov ntaub ntawv hauv 'authorized_clients' directory.
- Rau relays, tus chij tau ntxiv uas tso cai rau tus neeg teb xov tooj kom nkag siab tias cov relay tsis suav nrog hauv kev pom zoo thaum cov servers xaiv cov npe (piv txwv li, thaum muaj ntau dhau relays ntawm ib tus IP chaw nyob).
- Nws muaj peev xwm xa cov ntaub ntawv congestion hauv cov ntaub ntawv extrainfo, uas tuaj yeem siv rau kev sib npaug hauv lub network. Metric kis tau tus mob yog tswj siv qhov kev xaiv OverloadStatistics hauv torrc.
- Lub peev xwm los txwv qhov kev siv ntawm cov neeg siv khoom sib txuas rau relays tau ntxiv rau DoS kev tiv thaiv subsystem.
- Relays siv kev tshaj tawm cov txheeb cais ntawm tus naj npawb ntawm cov kev pabcuam dos raws li qhov thib peb version ntawm cov txheej txheem thiab qhov ntim ntawm lawv cov tsheb.
- Kev them nyiaj yug rau qhov kev xaiv DirPorts tau raug tshem tawm los ntawm relay code, uas tsis yog siv rau hom node.
- Cov cai tau raug refactored. DoS nres tiv thaiv subsystem tau raug hloov mus rau tus thawj tswj subsys.
- Kev them nyiaj yug rau cov kev pabcuam qub dos raws li qhov thib ob version ntawm cov txheej txheem, uas tau tshaj tawm tias tsis siv sijhawm ib xyoos dhau los, tau raug txiav tawm. Kev tshem tawm tag nrho ntawm cov cai cuam tshuam nrog qhov thib ob version ntawm tus txheej txheem yuav tsum nyob rau lub caij nplooj zeeg. Qhov thib ob version ntawm tus txheej txheem tau tsim tawm txog 16 xyoo dhau los thiab, vim yog siv cov txheej txheem dhau los, tsis tuaj yeem suav tias muaj kev nyab xeeb hauv cov xwm txheej niaj hnub no. Ob thiab ib nrab xyoo dhau los, hauv kev tso tawm 0.3.2.9, cov neeg siv tau muab qhov thib peb version ntawm cov txheej txheem rau cov kev pabcuam dos, tseem ceeb rau kev hloov mus rau 56-tus cim chaw nyob, kev tiv thaiv kev tiv thaiv ntau dua los ntawm cov ntaub ntawv xau los ntawm cov npe servers, cov qauv txuas ntxiv. thiab siv SHA3, ed25519 thiab curve25519 algorithms hloov SHA1, DH thiab RSA-1024.
- Vulnerabilities fixed:
- CVE-2021-34550 - nkag mus rau thaj chaw nco sab nraum qhov kev faib tsis nyob hauv cov cai rau kev txheeb xyuas cov kev pabcuam dos piav qhia raws li qhov thib peb version ntawm cov txheej txheem. Tus neeg tawm tsam tuaj yeem, los ntawm kev tso ib tus kws qhia tshwj xeeb tsim cov dos kev pabcuam, ua rau muaj kev sib tsoo ntawm txhua tus neeg siv khoom sim nkag mus rau qhov kev pabcuam dos.
- CVE-2021-34549 - Qhov muaj peev xwm tsis lees paub ntawm kev pabcuam nres ntawm relays. Tus neeg tawm tsam tuaj yeem tsim cov saw hlau nrog cov cim uas ua rau muaj kev sib tsoo hauv cov haujlwm hash, kev ua haujlwm uas ua rau muaj qhov hnyav ntawm CPU.
- CVE-2021-34548 - Ib qho relay tuaj yeem spoof RELAY_END thiab RELAY_RESOLVED cov hlwb hauv ib nrab-kaw xov, uas tso cai rau kev txiav tawm ntawm cov xov uas tau tsim yam tsis muaj kev koom tes ntawm cov relay no.
- TROVE-2021-004 - Ntxiv cov kev kuaj xyuas ntxiv rau kev ua tsis tiav thaum hu rau OpenSSL random tooj generator (nrog rau kev siv RNG default hauv OpenSSL, xws li kev ua tsis tiav).
Tau qhov twg los: opennet.ru