Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it. Fixes bug 40389; bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021- 003 and CVE-2021-34548. References: https://lists.torproject.org/pipermail/tor-announce/2021-June/000220.html https://lists.torproject.org/pipermail/tor-announce/2021-June/000221.html
Created tor tracking bugs for this issue: Affects: epel-all [bug 1972880] Affects: fedora-all [bug 1972879]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.