Overview

File _patchinfo of Package patchinfo.7855

<patchinfo incident="7855">
  <packager>AndreasStieger</packager>
  <issue tracker="cve" id="2018-0490"></issue>
  <issue tracker="cve" id="2018-0491"></issue>
  <issue tracker="bnc" id="1083845">VUL-0: CVE-2018-0490: tor: null-pointer crash in directory authority protocol list code (TROVE-2018-001)</issue>
  <issue tracker="bnc" id="1083846">VUL-0: CVE-2018-0491: tor: use-after-free in KIST scheduler remote relay DoS</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for tor</summary>
  <description>This update for tor to version 0.3.2.10 fixes security issues and bugs.

The following vulnerabilities were fixed:

- CVE-2018-0490: remote crash vulnerability against directory authorities (boo#1083845, TROVE-2018-001)
- CVE-2018-0491: remote relay crash (boo#1083846, TROVE-2018-002)

This new upstream stable version also contains a new system for improved resistance to DoS attacks against relays and various other bug fixes.</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places