Updated tor packages fix security vulnerabilityPublication date: 25 Oct 2016
Affected Mageia releases : 5
It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority (CVE-2016-8860). The tor package has been updated to version 0.2.8.9, which fixes this issue and several other bugs, including other security issues fixed in 0.2.8.6. See the release announcements for details.