Lucene search
SuseOPENSUSE-SU-2021:0474-1HistoryMar 25, 2021 - 12:00 a.m.
Security update for tor (moderate)
2021-03-2500:00:00
lists.opensuse.org
13
0.003 Low
EPSS
Percentile
68.2%
An update that fixes two vulnerabilities is now available.
Description:
This update for tor fixes the following issues:
tor was updated to 0.4.5.7
https://lists.torproject.org/pipermail/tor-announce/2021-March/000216.html
- Fix 2 denial of service security issues (boo#1183726)
- Disable the dump_desc() function that we used to dump unparseable
information to disk (CVE-2021-28089) - Fix a bug in appending detached signatures to a pending consensus
document that could be used to crash a directory authority
(CVE-2021-28090)
- Disable the dump_desc() function that we used to dump unparseable
- Ship geoip files based on the IPFire Location Database
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP2:
zypper in -t patch openSUSE-2021-474=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP2 | aarch64 | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP2 | ppc64le | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm |
| openSUSE Backports SLE | 15-SP2 | s390x | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.s390x.rpm |
| openSUSE Backports SLE | 15-SP2 | x86_64 | - opensuse backports sle | < 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
Related
osv
osv
tor - security update
2021-03-16 00:00:00
CVE-2021-28090
2021-03-19 05:15:12
CVE-2021-28089
2021-03-19 05:15:12
nessus
nessus
Fedora 33 : tor (2021-e68317166d)
2021-03-24 00:00:00
openSUSE Security Update : tor (openSUSE-2021-461)
2021-03-24 00:00:00
Debian DSA-4871-1 : tor - security update
2021-03-17 00:00:00
suse
suse
Security update for tor (moderate)
2021-03-22 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0180)
2022-01-28 00:00:00
openSUSE: Security Advisory for tor (openSUSE-SU-2021:0461-1)
2021-04-16 00:00:00
Debian: Security Advisory (DSA-4871-1)
2021-03-18 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: tor-0.4.5.7-1.fc33
2021-03-24 02:40:45
debian
debian
[SECURITY] [DSA 4871-1] tor security update
2021-03-16 20:30:02
[SECURITY] [DSA 4871-1] tor security update
2021-03-16 20:30:02
mageia
mageia
Updated tor packages fix security vulnerabilities
2021-04-12 22:59:59
cve
cve
CVE-2021-28090
2021-03-19 05:15:12
CVE-2021-28089
2021-03-19 05:15:12
ubuntucve
ubuntucve
CVE-2021-28090
2021-03-19 00:00:00
CVE-2021-28089
2021-03-19 00:00:00
alpinelinux
alpinelinux
CVE-2021-28090
2021-03-19 05:15:12
CVE-2021-28089
2021-03-19 05:15:12
gentoo
gentoo
Tor: Multiple vulnerabilities
2021-07-10 00:00:00
debiancve
debiancve
CVE-2021-28089
2021-03-19 05:15:12
CVE-2021-28090
2021-03-19 05:15:12
nvd
nvd
CVE-2021-28089
2021-03-19 05:15:12
CVE-2021-28090
2021-03-19 05:15:12
cvelist
cvelist
CVE-2021-28089
2021-03-19 04:18:41
CVE-2021-28090
2021-03-19 04:19:06
veracode
veracode
Denial Of Service (DoS)
2021-03-17 21:04:21
Denial Of Service (DoS)
2021-03-17 21:03:38
prion
prion
Design/Logic Flaw
2021-03-19 05:15:00
Code injection
2021-03-19 05:15:00
ubuntu
ubuntu
Tor vulnerabilities
2022-10-04 00:00:00