Overview

File _patchinfo of Package patchinfo.19147

<patchinfo incident="19147">
  <issue tracker="cve" id="2025-4444"/>
  <issue tracker="bnc" id="1250101">VUL-0: CVE-2025-4444: tor: Tor Onion Service Descriptor resource consumption</issue>
  <packager>AndreasStieger</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for tor</summary>
  <description>This update for tor fixes the following issues:

- 0.4.8.18
  * CVE-2025-4444: onion service descriptor resource consumption
    issue (boo#1250101)

- 0.4.8.17
  * Minor features and bugfixes
  * use quantum-resistant MLKEM-768 cipher

- tor 0.4.8.16
  * fix typo in a directory authority rule file
  * fix a sandbox issue for bandwidth authority and a conflux issue
    on the control port
  * client fix about relay flag usage

- tor 0.4.8.14
  * bugfix for onion service directory cache
  * test-network now unconditionally includes IPv6
  * Regenerate fallback directories 2025-02-05
  * Update the geoip files to 2025-02-05
  * Fix a pointer free

- tor 0.4.8.13
  * Conflux related client circuit building performance bugfix
  * Fix minor memory leaks
  * Add STATUS TYPE=version handler for Pluggable Transport

- tor 0.4.8.12
  * Minor features and bugfixes
  * See https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places