Lucene search
SuseOPENSUSE-SU-2021:1192-1HistoryAug 25, 2021 - 12:00 a.m.
Security update for tor (moderate)
2021-08-2500:00:00
lists.opensuse.org
25
0.002 Low
EPSS
Percentile
64.9%
An update that fixes one vulnerability is now available.
Description:
This update for tor fixes the following issues:
tor 0.4.6.7:
- Fix a DoS via a remotely triggerable assertion failure (boo#1189489,
TROVE-2021-007, CVE-2021-38385)
tor 0.4.6.6:
- Enable the deterministic RNG for unit tests that covers the address set
bloomfilter-based API’s
tor 0.4.6.5
- Add controller support for creating v3 onion services with client auth
- When voting on a relay with a Sybil-like appearance, add the Sybil flag
when clearing out the other flags. This lets a relay
operator know why their relay hasn’t been included in the consensus - Relays now report how overloaded they are
- Add a new DoS subsystem to control the rate of client connections for
relays - Relays now publish statistics about v3 onions services
- Improve circuit timeout algorithm for client performance
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2021-1192=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP3 | aarch64 | - opensuse backports sle | < 15-SP3 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP3 | ppc64le | - opensuse backports sle | < 15-SP3 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm |
| openSUSE Backports SLE | 15-SP3 | s390x | - opensuse backports sle | < 15-SP3 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):.s390x.rpm |
| openSUSE Backports SLE | 15-SP3 | x86_64 | - opensuse backports sle | < 15-SP3 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
Related
debian
debian
[SECURITY] [DSA 4961-1] tor security update
2021-08-23 15:13:56
[SECURITY] [DSA 4961-1] tor security update
2021-08-23 15:13:56
openvas
openvas
Fedora: Security Advisory for tor (FEDORA-2021-52d6a75d28)
2021-08-26 00:00:00
openSUSE: Security Advisory for tor (openSUSE-SU-2021:1169-1)
2021-08-20 00:00:00
Fedora: Security Advisory for tor (FEDORA-2021-847ca2749a)
2021-08-26 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: tor-0.4.5.10-1.fc34
2021-08-24 03:33:38
[SECURITY] Fedora 33 Update: tor-0.4.5.10-1.fc33
2021-08-25 20:05:21
ubuntucve
ubuntucve
CVE-2021-38385
2021-08-30 00:00:00
cve
cve
CVE-2021-38385
2021-08-30 05:15:07
osv
osv
tor - security update
2021-08-23 00:00:00
CVE-2021-38385
2021-08-30 05:15:07
tor vulnerabilities
2022-10-04 11:04:57
prion
prion
Authentication flaw
2021-08-30 05:15:00
cvelist
cvelist
CVE-2021-38385
2021-08-30 00:00:00
redhatcve
redhatcve
CVE-2021-38385
2022-05-20 22:59:54
mageia
mageia
Updated tor packages fix security vulnerability
2021-09-23 07:49:29
suse
suse
Security update for tor (important)
2021-08-23 00:00:00
Security update for tor (important)
2021-08-19 00:00:00
nessus
nessus
openSUSE 15 Security Update : tor (openSUSE-SU-2021:1192-1)
2021-08-26 00:00:00
openSUSE 15 Security Update : tor (openSUSE-SU-2021:1169-1)
2021-08-20 00:00:00
Debian DSA-4961-1 : tor - security update
2021-08-23 00:00:00
nvd
nvd
CVE-2021-38385
2021-08-30 05:15:07
alpinelinux
alpinelinux
CVE-2021-38385
2021-08-30 05:15:07
debiancve
debiancve
CVE-2021-38385
2021-08-30 05:15:07
gentoo
gentoo
Tor: Multiple Vulnerabilities
2023-05-03 00:00:00
ubuntu
ubuntu
Tor vulnerabilities
2022-10-04 00:00:00