ProHoster > Blog > litaba tsa inthanete > Nchafatsa Tor 0.3.5.11, 0.4.2.8 le 0.4.3.6 ka ho felisa ts'oaetso ea DoS

Nchafatsa Tor 0.3.5.11, 0.4.2.8 le 0.4.3.6 ka ho felisa ts'oaetso ea DoS

E emetsoe litokollo tsa tokiso tsa Tor toolkit (0.3.5.11, 0.4.2.8, 0.4.3.6 le 4.4.2-alpha), tse sebelisetsoang ho hlophisa ts'ebetso ea marang-rang a sa tsejoeng a Tor. E felisitsoe liphetolelong tse ncha bofokodi (CVE-2020-15572), e bakoang ke ho fihlella memori ka ntle ho meeli ea buffer e fanoeng. Bofokoli bo lumella mohlaseli ea hole ho etsa hore ts'ebetso ea tor e senyehe. Bothata bo hlaha feela ha o haha ​​​​ka laeborari ea NSS (ka ho sa feleng, Tor e hahiloe ka OpenSSL, 'me ho sebelisa NSS ho hloka ho hlakisa folakha ea "-enable-nss").

Ho phaella moo hlahisoa rera ho khaotsa ho tšehetsa mofuta oa bobeli oa protocol ea litšebeletso tsa onion (eo pele e neng e bitsoa litšebeletso tse patiloeng). Selemong le halofo se fetileng, ha ho lokolloa 0.3.2.9, basebelisi ba ne ba e-na le sisintsweng mofuta oa boraro oa protocol bakeng sa lits'ebeletso tsa onion, e hlokomelehang bakeng sa phetoho ho liaterese tsa litlhaku tse 56, ts'ireletso e tšepahalang haholoanyane khahlanong le ho lutla ha data ka li-server tsa directory, sebopeho se atolositsoeng sa modular le tšebeliso ea SHA3, ed25519 le curve25519 algorithms sebakeng sa SHA1, DH le RSA-1024.

Phetolelo ea bobeli ea protocol e ile ea ntlafatsoa hoo e ka bang lilemo tse 15 tse fetileng, 'me, ka lebaka la tšebeliso ea li-algorithms tsa khale, e ke ke ea nkoa e sireletsehile maemong a kajeno. Ha ho nahanoa ka ho fela ha tšehetso bakeng sa makala a khale, hajoale leha e le efe ea hona joale ea Tor gateway e tšehetsa mofuta oa boraro oa protocol, e fanoang ka ho sa feleng ha ho etsoa litšebeletso tse ncha tsa onion.

Ka la 15 Loetse 2020, Tor e tla qala ho lemosa basebelisi le bareki mabapi le ho tlosoa ha mofuta oa bobeli oa protocol. Ka la 15 Phupu 2021, tšehetso ea mofuta oa bobeli oa protocol e tla tlosoa ho codebase, 'me ka la 15 Mphalane 2021, tokollo e ncha e tsitsitseng ea Tor e tla lokolloa ntle le tšehetso ea protocol ea khale. Ka hona, beng ba litšebeletso tsa khale tsa onion ba na le likhoeli tse 16 ho fetolela phetolelong e ncha ea protocol, e hlokang ho hlahisa aterese e ncha ea litlhaku tse 56 bakeng sa tšebeletso.

Source: opennet.ru

Eketsa ka tlhaloso