Advisories » MGASA-2017-0176

Updated tor packages fix security vulnerability

Publication date: 14 Jun 2017
Modification date: 14 Jun 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-0376

Description

A remotely triggerable assertion failure caused by receiving a
BEGIN_DIR cell on a hidden service rendezvous circuit (CVE-2017-0376).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21056
• https://blog.torproject.org/blog/tor-0308-released-fix-hidden-services-also-are-02429-02514-02612-0278-02814-and-02911
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0376

SRPMS

5/core

• tor-0.2.8.14-1.mga5