security update for tor
- update to 0.2.2.39 [bnc#780620]
Changes in version 0.2.2.39 - 2012-09-11
Tor 0.2.2.39 fixes two more opportunities for remotely triggerable
assertions.
o Security fixes:
- Fix an assertion failure in tor_timegm() that could be triggered
by a badly formatted directory object (CVE-2012-4922).
- Do not crash when comparing an address with port value 0 to an
address policy. This bug could have been used to cause a remote
assertion failure by or against directory authorities, or to
allow some applications to crash clients (CVE-2012-4419).
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#780620
tor: update to 0.2.2.39 fixes two opportunities for remotely triggerable assertions
