Advisories ยป MGASA-2016-0356

Updated tor packages fix security vulnerability

Publication date: 25 Oct 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-8860


It has been discovered that Tor treats the contents of some buffer chunks
as if they were a NUL-terminated string. This issue could enable a remote
attacker to crash a Tor client, hidden service, relay, or authority

The tor package has been updated to version, which fixes this
issue and several other bugs, including other security issues fixed in  See the release announcements for details.