Fedora: Security Advisory (FEDORA-2023-93aa6807da)
The remote host is missing an update for the 'tor' package(s) announced via the FEDORA-2023-93aa6807da advisory. The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. This package contains the Tor software that can act as either a server on the Tor network, or as a client to connect to the Tor network
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.885504");
script_tag(name:"creation_date", value:"2023-12-27 02:17:46 +0000 (Wed, 27 Dec 2023)");
script_version("2024-10-23T05:05:59+0000");
script_tag(name:"last_modification", value:"2024-10-23 05:05:59 +0000 (Wed, 23 Oct 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_name("Fedora: Security Advisory (FEDORA-2023-93aa6807da)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC39");
script_xref(name:"Advisory-ID", value:"FEDORA-2023-93aa6807da");
script_xref(name:"URL", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2023-93aa6807da");
script_xref(name:"URL", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253845");
script_xref(name:"URL", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2253847");
script_xref(name:"URL", value:"https://forum.torproject.org/t/security-release-0-4-8-10/10536");
script_tag(name:"summary", value:"The remote host is missing an update for the 'tor' package(s) announced via the FEDORA-2023-93aa6807da advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"update to latest upstream release [link moved to references]");
script_tag(name:"affected", value:"'tor' package(s) on Fedora 39.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "FC39") {
if(!isnull(res = isrpmvuln(pkg:"tor", rpm:"tor~0.4.8.10~1.fc39", rls:"FC39"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"tor-debuginfo", rpm:"tor-debuginfo~0.4.8.10~1.fc39", rls:"FC39"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"tor-debugsource", rpm:"tor-debugsource~0.4.8.10~1.fc39", rls:"FC39"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo