Updated tor packages fix security vulnerability
Publication date: 21 Sep 2017Modification date: 21 Sep 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-0380
Description
Due to the code that reports an error during the construction of an introduction point circuit, it is possible that some hidden services will sometimes write sensitive information into their logs if the SafeLogging option is disabled. Note that SafeLogging is enabled by default (CVE-2017-0380).
References
SRPMS
6/core
- tor-0.2.9.12-1.mga6
5/core
- tor-0.2.8.15-1.mga5