35 matches found
Security update for tor (moderate)
openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2026:0188-1 Rating: moderate References: Affected Products: openSUSE Backports SLE-15-SP7 An update that contains security fixes can now be installed. Description: This update for tor fixes the following issues: - Upda...
OPENSUSE-SU-2026:20889-1 Security update for tor
This update for tor fixes the following issues: Changes in tor: - Update to 0.4.9.9 Major bugfixes compression, security: - Fix a compression bomb bypass where an attacker could concatenate many gzip or zlib sub-streams, each just under the per-stream detection threshold, to avoid the compression...
CVE-2026-44600
A flaw was found in Tor. This vulnerability occurs due to mishandling of the conflux out-of-order queue accounting during queue clearing. A remote attacker with high attack complexity could exploit this flaw, leading to a denial of service...
CVE-2026-44599
A flaw was found in Tor. This vulnerability allows a remote attacker to manipulate directory information by attempting or accepting specific BEGINDIR messages through an internal mechanism known as conflux legs. This could result in a low integrity impact, where the accuracy or trustworthiness of...
openSUSE 16 Security Update : tor (openSUSE-SU-2026:20709-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20709-1 advisory. Changes in tor: - Update to 0.4.9.8 Fix out-of-bounds read boo1264341, CVE-2026-44597, TROVE-2026-011 Do not attempt or accept BEGINDIR via...
SUSE CVE-2026-44599
Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...
SUSE CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
DEBIAN-CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
CVE-2026-44599
Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...
UBUNTU-CVE-2026-44599
Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...
UBUNTU-CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
CVE-2026-44600
CVE-2026-44600 affects Tor prior to 0.4.9.7, where the conflux out-of-order queue is not correctly accounted during queue clearing (TROVE-2026-010). The issue is described as a handling/queue accounting bug in the conflux component, with impact listed as low availability impact in at least one CV...
CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
EUVD-2026-28237
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
CVE-2026-44600
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
CVE-2026-44599
Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...
CVE-2026-44599
Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...