Security update for tor
This update for tor to version 0.3.2.10 fixes security issues and bugs.
The following vulnerabilities were fixed:
- CVE-2018-0490: remote crash vulnerability against directory authorities (boo#1083845, TROVE-2018-001)
- CVE-2018-0491: remote relay crash (boo#1083846, TROVE-2018-002)
This new upstream stable version also contains a new system for improved resistance to DoS attacks against relays and various other bug fixes.
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1083845
VUL-0: CVE-2018-0490: tor: null-pointer crash in directory authority protocol list code (TROVE-2018-001)
bnc#1083846
VUL-0: CVE-2018-0491: tor: use-after-free in KIST scheduler remote relay DoS
