Bugzilla – Bug 923284
VUL-0: CVE-2015-2688, CVE-2015-2689: tor: 0.2.4.26 and 0.2.5.11 fix several security and stability issues
Last modified: 2015-03-25 12:05:02 UTC
https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?id=tor-0.2.5.11 https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?id=tor-0.2.4.26 It backports several bugfixes from the 0.2.6 branch, including a couple of medium-level security fixes for relays and exit nodes. It also updates the list of directory authorities. * Directory authority updates * relay crashes trough assertion * exit node crash through assertion under high DNS load * do not crash when receiving SIGHUP with the seccomp2 sandbox on * do not crash sh during attempts to call wait4
This is an autogenerated message for OBS integration: This bug (923284) was mentioned in https://build.opensuse.org/request/show/291648 Factory / tor https://build.opensuse.org/request/show/291649 13.2+13.1 / tor
http://seclists.org/oss-sec/2015/q1/1001 Update released
openSUSE-SU-2015:0600-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 923284 CVE References: CVE-2015-2688,CVE-2015-2689 Sources used: openSUSE 13.2 (src): tor-0.2.4.26-9.1 openSUSE 13.1 (src): tor-0.2.4.26-5.26.1