- math/big: panic during recursive division of very large numbers
A number of math/big.Int methods (Div, Exp, DivMod, Quo, Rem, QuoRem, Mod,
ModInverse, ModSqrt, Jacobi, and GCD) can panic when provided crafted large
inputs. For the panic to happen, the divisor or modulo argument must be larger
than 3168 bits (on 32-bit architectures) or 6336 bits (on 64-bit
architectures). Multiple math/big.Rat <https://pkg.go.dev/math/big#Rat> methods
are similarly affected.
crypto/rsa.VerifyPSS <https://pkg.go.dev/crypto/rsa#VerifyPSS>,
crypto/rsa.VerifyPKCS1v15 <https://pkg.go.dev/crypto/rsa#VerifyPKCS1v15>,
and crypto/dsa.Verify <https://pkg.go.dev/crypto/dsa#Verify> may panic when
provided crafted public keys and signatures. crypto/ecdsa and
crypto/elliptic operations may only be affected if custom CurveParams
<https://pkg.go.dev/crypto/elliptic#CurveParams> with unusually large field
sizes (several times larger than the largest supported curve, P-521) are in
use. Using crypto/x509.Verify on a crafted X.509 certificate chain can lead
to a panic, even if the certificates don’t chain to a trusted root. The
chain can be delivered via a crypto/tls connection to a client, or to a
server that accepts and verifies client certificates. net/http clients can
be made to crash by an HTTPS server, while net/http servers that accept
client certificates will recover the panic and are unaffected.
Moreover, an application might crash invoking
crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate
request or during a golang.org/x/crypto/otr conversation. Parsing a
golang.org/x/crypto/openpgp Entity or verifying a signature may crash.
Finally, a golang.org/x/crypto/ssh client can panic due to a malformed host
key, while a server could panic if either PublicKeyCallback accepts a
malformed public key, or if IsUserAuthority accepts a certificate with a
malformed public key.
Thanks to the Go Ethereum team and the OSS-Fuzz project for reporting this.
Thanks to Rémy Oudompheng and Robert Griesemer for their help developing
and validating the fix.
This issue is CVE-2020-28362 and Go issue golang.org/issue/42552.
- cmd/go: arbitrary code execution at build time through cgo
The go command may execute arbitrary code at build time when cgo is in use.
This may occur when running go get on a malicious package, or any other
command that builds untrusted code.
This can be caused by malicious gcc flags specified via a #cgo directive,
or by a malicious symbol name in a linked object file.
These issues are CVE-2020-28367 and CVE-2020-28366, and Go issues
golang.org/issue/42556 and golang.org/issue/42559 respectively.
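For the math/big panic (CVE-2020-28362) described above, the following added example (not code from the Go project) sketches a guard for code that calls crypto/rsa verification directly on untrusted public keys: it rejects a modulus above the advisory's size threshold and converts a panic into an error. The helper names and the choice of the threshold as the policy limit are assumptions of this example.

```go
package main

import (
	"crypto"
	"crypto/rsa"
	"errors"
	"fmt"
	"math/big"
	"math/bits"
)

var errBadModulus = errors.New("modulus missing, non-positive, or above accepted size")

// panicThresholdBits returns the size from the advisory above which a divisor
// or modulus can reach the panic: 3168 bits on 32-bit, 6336 bits on 64-bit.
func panicThresholdBits() int {
	if bits.UintSize == 32 {
		return 3168
	}
	return 6336
}

// checkModulus (hypothetical helper) rejects a modulus taken from untrusted
// input when it is unusable or longer than the policy limit maxBits.
func checkModulus(n *big.Int, maxBits int) error {
	if n == nil || n.Sign() <= 0 || n.BitLen() > maxBits {
		return errBadModulus
	}
	return nil
}

// safeVerifyPKCS1v15 (hypothetical helper) size-checks the untrusted key and
// turns any panic raised during verification into an ordinary error, so one
// crafted key cannot take the whole process down.
func safeVerifyPKCS1v15(pub *rsa.PublicKey, h crypto.Hash, digest, sig []byte, maxBits int) (err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("verification panicked: %v", r)
		}
	}()
	if e := checkModulus(pub.N, maxBits); e != nil {
		return e
	}
	return rsa.VerifyPKCS1v15(pub, h, digest, sig)
}

func main() {
	// Constructed input: a 7001-bit modulus, above both thresholds.
	pub := &rsa.PublicKey{N: new(big.Int).Lsh(big.NewInt(1), 7000), E: 65537}
	fmt.Println(safeVerifyPKCS1v15(pub, crypto.SHA256, make([]byte, 32), nil, panicThresholdBits()))
}
```

A guard like this only covers call sites the application controls; the crypto/x509 and crypto/tls paths listed in the advisory run inside the standard library and cannot be wrapped this way.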
The 0.2 release adds message correction, improves the file upload functionality and provides more information about message encryption. Besides other smaller changes it also fixes a number of bugs.
Disable rust option since it currently doesn't work.
Changes in version 0.4.4.6 - 2020-11-12
Tor 0.4.4.6 is the second stable release in the 0.4.4.x series. It
backports fixes from later releases, including a fix for
TROVE-2020-005, a security issue that could be used, under certain
cases, by an adversary to observe traffic patterns on a limited number
of circuits intended for a different relay.
o Major bugfixes (security, backport from 0.4.5.1-alpha):
- When completing a channel, relays now check more thoroughly to
make sure that it matches any pending circuits before attaching
those circuits. Previously, address correctness and Ed25519
identities were not checked in this case, but only when extending
circuits on an existing channel. Fixes bug 40080; bugfix on
0.2.7.2-alpha. Resolves TROVE-2020-005.
o Minor features (directory authorities, backport from 0.4.5.1-alpha):
- Authorities now list a different set of protocols as required and
recommended. These lists have been chosen so that only truly
recommended and/or required protocols are included, and so that
clients using 0.2.9 or later will continue to work (even though
they are not supported), whereas only relays running 0.3.5 or
later will meet the requirements. Closes ticket 40162.
- Make it possible to specify multiple ConsensusParams torrc lines.
Now directory authority operators can for example put the main
ConsensusParams config in one torrc file and then add to it from a
different torrc file. Closes ticket 40164.
o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
- Tor no longer allows subprotocol versions larger than 63.
Previously version numbers up to UINT32_MAX were allowed, which
significantly complicated our code. Implements proposal 318;
closes ticket 40133.
o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
- Fix a rendezvous cache unit test that was triggering an underflow
on the global rend cache allocation. Fixes bug 40125; bugfix
on 0.2.8.1-alpha.
- Fix another rendezvous cache unit test that was triggering an
underflow on the global rend cache allocation. Fixes bug 40126;
bugfix on 0.2.8.1-alpha.
o Minor bugfixes (compilation, backport from 0.4.5.1-alpha):
- Fix compiler warnings that would occur when building with
"--enable-all-bugs-are-fatal" and "--disable-module-relay" at the
same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha.
- Resolve a compilation warning that could occur in
test_connection.c. Fixes bug 40113; bugfix on 0.2.9.3-alpha.
o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
- Remove a debug logging statement that uselessly spammed the logs.
Fixes bug 40135; bugfix on 0.3.5.0-alpha.
o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
- Avoid a fatal assert() when failing to create a listener
connection for an address that was in use. Fixes bug 40073; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (v2 onion services, backport from 0.4.5.1-alpha):
- For HSFETCH commands on v2 onion services addresses, check the
length of bytes decoded, not the base32 length. Fixes bug 34400;
bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
This release updates NoScript to 11.1.5 and includes an important security update to Firefox.
The full changelog since Tor Browser 10.0.2 (Desktop) is:
Windows + OS X + Linux
  Update NoScript to 11.1.5
  Bug 40021: Keep page shown after Tor Browser update purple
  Bug 40022: EOY November Update - Matching
  Bug 40219: Backport Mozilla Bug 1675905
  Translations update
Build System
  Windows + OS X + Linux
    Update Go to 1.14.11
    Bug 40141: Include "desktop" in signed tag
ChangeLog:
- General
  - Use `Enumerator#with_index` to detect line numbers
- Batchfile Lexer
  - Add support for long options to Batchfile lexer
- C++ Lexer
  - Fix binary literal digit separator in C++ lexer
- Docker Lexer
  - Add `Dockerfile` as an alias for the Docker lexer
- JavaScript Lexer
  - Fix template string lexing in JavaScript lexer
- Kotlin Lexer
  - Ensure word break follows keywords in Kotlin lexer
- Perl Lexer
  - Improve support for sigils in Perl lexer
- PowerShell Lexer
  - Improve lexing of nested data structures in PowerShell lexer
  - Improve handling of data structure literals in PowerShell lexer
- Ruby Lexer
  - Revert empty patterns in Ruby lexer
- Rust Lexer
  - Add continue to keywords in Rust lexer
- Velocity Lexer
  - Fix lexing of brackets in Velocity lexer
v 11.1.5
============================================================
x Updated TLD
x Fixed potential infinite loop via DOMContentLoaded
x Work-around for Firefox 82 media redirection bug (thanks
ppxxbu and skriptimaahinen)
x Updated TLDs
v 11.1.5rc2
============================================================
x Updated TLD
x Fixed potential infinite loop via DOMContentLoaded
v 11.1.5rc1
============================================================
x Work-around for Firefox 82 media redirection bug (thanks
ppxxbu and skriptimaahinen)
x Updated TLDs
v 11.1.4
============================================================
x Fixed sloppy CSP media blocker detection breaking MSE
blob: media placeholders on Chromium
x Fixed race condition causing temporary settings not to
survive updates sometimes
x Updated TLDs
x [Mobile] Improved prompts appearance on Android
v 11.1.4rc3
============================================================
x Fixed sloppy CSP media blocker detection breaking MSE
blob: media placeholders on Chromium
v 11.1.4rc2
============================================================
x Fixed race condition causing temporary settings not to
survive updates sometimes
v 11.1.4rc1
============================================================
x Updated TLDs
x [Mobile] Improved prompts appearance on Android
Wireshark 3.4.0
New and Updated Features
The following features are new (or have been significantly updated) since version 3.4.0rc1:
Nothing of note.
The following features are new (or have been significantly updated) since version 3.3.1:
The Protobuf fields defined as google.protobuf.Timestamp type of Protobuf standard library can now be dissected as Wireshark fields of absolute time type.
The following features are new (or have been significantly updated) since version 3.3.0:
The Windows installers now ship with Npcap 1.00. They previously shipped with Npcap 0.9997.
The Windows installers now ship with Qt 5.15.1. They previously shipped with Qt 5.12.8.
The following features are new (or have been significantly updated) since version 3.2.0:
Windows executables and installers are now signed using SHA-2 only.
Saving an RTP stream to .au supports any codec with an 8000 Hz rate supported by Wireshark (shown in the RTP player). If the audio cannot be saved (unsupported codec or rate), silence of the same length is saved and a warning is shown.
Asynchronous DNS resolution is always enabled. As a result, the c-ares library is now a required dependency.
Protobuf fields can be dissected as Wireshark (header) fields, which allows users to enter the full names of Protobuf fields or messages in the Filter toolbar for searching.
Dissectors based on Protobuf can register themselves to a new 'protobuf_field' dissector table, which is keyed with the full names of fields, for further parsing fields of BYTES or STRING type.
Wireshark is able to decode, play, and save iLBC payload on platforms where the iLBC library is available.
Wireshark is able to decode, play, and save opus payload on platforms where the opus library is available.
“Decode As” entries can now be copied from other profiles using a button in the dialog.
sshdump can now be copied to multiple instances. Each instance will show up as a different interface and will have its own profile.
The main window now supports a packet diagram view, which shows each packet as a textbook-style diagram.
Filter buttons (“Preferences → Filter Buttons”) can be grouped by using “//” as a path separator in the filter button label.
IPP Over USB packets can now be dissected and displayed.
New Protocol Support
Arinc 615A (A615A), Asphodel Protocol, AudioCodes Debug Recording (ACDR), Bluetooth HCI ISO (BT HCI ISO), Cisco MisCabling Protocol (MCP), Community ID Flow Hashing (CommunityID), DCE/RPC IRemoteWinspool SubSystem (IREMOTEWINSPOOL), Dynamic Link Exchange Protocol (DLEP), EAP Generalized Pre-Shared Key (EAP-GPSK), EAP Password Authenticated Exchange (EAP-PAX), EAP Pre-Shared Key (EAP-PSK), EAP Shared-secret Authentication and Key Establishment (EAP-SAKE), Fortinet Single Sign-on (FSSO), FTDI Multi-Protocol Synchronous Serial Engine (FTDI MPSSE), Hypertext Transfer Protocol Version 3 (HTTP3), ILDA Digital Network (IDN), Java Debug Wire Protocol (JDWP), LBM Stateful Resolution Service (LBMSRS), Lithionics Battery Management, .NET Message Framing Protocol (MC-NMF), .NET NegotiateStream Protocol (MS-NNS), OBSAI UDP-based Communication Protocol (UDPCP), Palo Alto Heartbeat Backup (PA-HB-Bak), ScyllaDB RPC, Technically Enhanced Capture Module Protocol (TECMP), Tunnel Extensible Authentication Protocol (TEAP), UDP based FTP w/ multicast V5 (UFTP5), and USB Printer (USBPRINTER)
Updated Protocol Support
Too many protocols have been updated to list here.
New and Updated Capture File Support
MP4 (ISO/IEC 14496-12)
DB Browser for SQLite 3.12.1
This is the first bug fix release for our 3.12.x series.
There aren't any "super critical must upgrade" bugs fixed, so updating isn't urgent. 😄
The changes in this over the 3.12.0 release include:
Enhancements
Completely reworked interface for accessing DBHub.io
Add .Net DateTime.Ticks to list of supported display formats
Add more options for setting font sizes
New predefined settings for simplified window layout
Bug fixes
Fix loading of project files with empty filter values
Fix initial table view when using the -t / --table command line option
Add status message when opening a file from the recent file list (4dfe4f7)
Make sure to not show "NULL" for empty but non-NULL values in the Edit dialog
Fix plot being drawn before all data is loaded
Restore original default for having condition format in filter line (f28ecc0)
Fix default font in the format toolbar (c4b2ffc)
Improve binary detection for data that happens to start with a BOM
Make sure the order of the statements in the SQL log is correct (05db901)
Fix executing selected SQL text when there are multi-byte characters
Fix executing SQL queries with compound operators
Fix SQL import of files with BOM
Also update schema when clicking the Refresh button in Browse Data tab (16c3d8d)
Select column in table results when column header is pressed
Tweak the output wording for command line options
Remove the default property of the cancel button in the "Fetching data..." dialog
Fix changes not being saved and not applied when modifying database cells in an external program on Windows (f2d8f79)
Fix incorrect display of SQL calltips containing non-US-ASCII characters (9f7851b)
Fix 'Window Layout' options so they work properly
Building and packaging
Fix CMake warning during compilation (115aa00)
snap: Add environment variables to set Qt theme (7b5d652)
Updated to OpenSSL 1.1.1h for the Windows and macOS builds
Platform specific
No longer force Light theme on macOS when "Follow the desktop style" is chosen (508118f)
Keep registry key consistent on Windows
Allow use of integrated graphics card instead of high performance graphics card in macOS
Use native path separators in Preferences dialog (f38b829)
Added message box for informative command line arguments for Windows
This was lost in a previous update, and is required to ensure MACHINE_ARCH is
set correctly. Fixes MACHINE_ARCH issues reported on OpenBSD/amd64 by various
people.