Delivery-Date: Tue, 16 Feb 2016 16:10:59 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL,
	DKIM_SIGNED,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id A895F1E02C5;
	Tue, 16 Feb 2016 16:10:57 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 18756392C6;
	Tue, 16 Feb 2016 21:10:52 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3D758392D5
 for <tor-talk@lists.torproject.org>; Tue, 16 Feb 2016 21:10:49 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id JMVhQIMllzW3 for <tor-talk@lists.torproject.org>;
 Tue, 16 Feb 2016 21:10:49 +0000 (UTC)
Received: from smtp12.openmailbox.org (smtp12.openmailbox.org [62.4.1.46])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 115C9392B8
 for <tor-talk@lists.torproject.org>; Tue, 16 Feb 2016 21:10:49 +0000 (UTC)
Received: by mail2.openmailbox.org (Postfix, from userid 1004)
 id BA9A82AC4D70; Tue, 16 Feb 2016 22:10:45 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org;
 s=openmailbox; t=1455657045;
 bh=cuveqUluxM4GqF+kkG/YKlkKzL+ZIhTcIxntX/I4W+o=;
 h=Subject:To:References:From:Date:In-Reply-To:From;
 b=N/cmNsMmC6nQ1VYnPWjfndQihXkeJOSmt8YBYOX48qEPszdQWNWb3Oi+YB/PXHLM4
 y55//0ptjYiKhyMBtMebUyF8xdWDLIAWbzwr0PjmXfsYzN+j7SVcrP21fP+L371qKr
 VGuyeslenvMs36f+gYT41jeX6QEIYqhRmFmA8iwQ=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org;
 s=openmailbox; t=1455657045;
 bh=cuveqUluxM4GqF+kkG/YKlkKzL+ZIhTcIxntX/I4W+o=;
 h=Subject:To:References:From:Date:In-Reply-To:From;
 b=N/cmNsMmC6nQ1VYnPWjfndQihXkeJOSmt8YBYOX48qEPszdQWNWb3Oi+YB/PXHLM4
 y55//0ptjYiKhyMBtMebUyF8xdWDLIAWbzwr0PjmXfsYzN+j7SVcrP21fP+L371qKr
 VGuyeslenvMs36f+gYT41jeX6QEIYqhRmFmA8iwQ=
To: tor-talk@lists.torproject.org
References: <CAKDKvuznXZFaoqMaURzWQ7S8bUs3zxoowBA05zSGbOVEWtmS=w@mail.gmail.com>
From: nusenu <nusenu@openmailbox.org>
X-Enigmail-Draft-Status: N1110
Message-ID: <56C3904E.4070603@openmailbox.org>
Date: Tue, 16 Feb 2016 21:10:38 +0000
MIME-Version: 1.0
In-Reply-To: <CAKDKvuznXZFaoqMaURzWQ7S8bUs3zxoowBA05zSGbOVEWtmS=w@mail.gmail.com>
Subject: Re: [tor-talk] The CVE-2015-7547 glibc getaddrinfo() vulnerability,
 and you.
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============5519317628083696870=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============5519317628083696870==
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="xv9w3KAKUXWmrJpSDf8hSfsFNrEQ4pHf7"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--xv9w3KAKUXWmrJpSDf8hSfsFNrEQ4pHf7
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable


I'm wondering whether clients, using tor's DNSPort as upstream DNS
server, were  "accidentally protected" against exploits trying to take
advantage of this vulnerability.
(or the other way around: where exits in a "lucky" position to
compromise all their clients by providing them special DNS responses)


--xv9w3KAKUXWmrJpSDf8hSfsFNrEQ4pHf7
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWw5BSAAoJEFv7XvVCELh0ilwP/jiy/g7K+/+zzlHQdDi33FR2
E88uAD6lDBbkh1ZLWmCbvxOD3KsTX71vgyB87mSL66UiWM3CL+Z3dc/TCA0TPKPg
qoxQnN24DZbNUyMW/NcRwpYwAmmQb0Syrh3j88OaN7yQbIxPeCagYE2hTzjGHEsM
+s4ekRd9iX+ouTt+jeJaS7QkMhARyoCvfRyRSf+YQfDm+q9BUyDf/8g3sim5CmfH
lnVtvl/21072/b/DDUBunZu23ghD7/OFyTtTUHPi08E0anwy8zLw42eGkgDJDp4s
S/O1SU9McrjeVkIW8ai05+TbSNZ6dJ/QT6H9u+I8bgVqbupNBqxuhRR8hV4hruG2
5I5z036lLVOyLnXEWpH1exZ1pmIYORKwNQpfF5c1S2rZbQIOJP41SUbAhh288fUV
7wVxWyNh8eIK0UjiRvN0kVONsWh1zxSJCYN8M4CJdsjEjF1d4v27KFD3kRwpEwwB
oKxkPiDyWFsvqOMQuM63rpJJadDl0Sm3npwvo3kFv6fxr4QwoLBwbxW9zumipQdT
WC3SMq9ii7XsFpyWZfQQIi3WH1dTu9s+rNp4Zm8q3P7HaSiK0DzWFGXRwqVKROQL
XmARMqRKqZ9vLkwTU9uPo6ovlWmRA3GVnyiTnAzv7mw1MR9ENH0ci23Ap+g/Wa42
xbv9uVtAowdGw/u1OrUW
=KMae
-----END PGP SIGNATURE-----

--xv9w3KAKUXWmrJpSDf8hSfsFNrEQ4pHf7--

--===============5519317628083696870==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============5519317628083696870==--

