diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-08-23 17:46:58 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-08-23 17:46:58 +0200 |
commit | f06e2808e33a8a7710f82dd1644ed0f5fe11df66 (patch) | |
tree | d4c4ab0d018f81eba0d2883272ddf8dc792507c3 | |
parent | 6fa99d42d28f5e95bc11e906e60e9c03152727f7 (diff) |
[DSA 4961-1] tor security update
-rw-r--r-- | english/security/2021/dsa-4961.data | 13 | ||||
-rw-r--r-- | english/security/2021/dsa-4961.wml | 23 |
2 files changed, 36 insertions, 0 deletions
diff --git a/english/security/2021/dsa-4961.data b/english/security/2021/dsa-4961.data new file mode 100644 index 00000000000..9d9736027ec --- /dev/null +++ b/english/security/2021/dsa-4961.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4961-1 tor</define-tag> +<define-tag report_date>2021-8-23</define-tag> +<define-tag secrefs>CVE-2021-38385</define-tag> +<define-tag packages>tor</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2021/dsa-4961.wml b/english/security/2021/dsa-4961.wml new file mode 100644 index 00000000000..9027bfd28e1 --- /dev/null +++ b/english/security/2021/dsa-4961.wml @@ -0,0 +1,23 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Henry de Valence reported a flaw in the signature verification code in +Tor, a connection-based low-latency anonymous communication system. A +remote attacker can take advantage of this flaw to cause an assertion +failure, resulting in denial of service.</p> + +<p>For the oldstable distribution (buster), this problem has been fixed +in version 0.3.5.16-1.</p> + +<p>For the stable distribution (bullseye), this problem has been fixed in +version 0.4.5.10-1~deb11u1.</p> + +<p>We recommend that you upgrade your tor packages.</p> + +<p>For the detailed security status of tor please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/tor">https://security-tracker.debian.org/tracker/tor</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2021/dsa-4961.data" +# $Id: $ |