UbuntuUpdates.org

Bugs fixes in "tor"

Origin Bug number Title Date fixed
CVE CVE-2017-8822 In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that hav 2018-11-26
CVE CVE-2017-8821 In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can 2018-11-26
CVE CVE-2017-8819 In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache 2018-11-26
CVE CVE-2017-0376 The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_ 2018-11-26
CVE CVE-2016-8860 Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the 2018-11-26
CVE CVE-2016-1254 Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. 2018-11-26
CVE CVE-2017-8822 In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that hav 2018-11-26
CVE CVE-2017-8821 In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can 2018-11-26
CVE CVE-2017-8819 In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache 2018-11-26
CVE CVE-2017-0376 The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_ 2018-11-26
CVE CVE-2016-8860 Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the 2018-11-26
CVE CVE-2016-1254 Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. 2018-11-26
CVE CVE-2018-0490 An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotoc 2018-11-22
CVE CVE-2018-0490 An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotoc 2018-11-22
Debian 880490 tor: Does not start when the AppArmor LSM is enabled but the apparmor package is not installed - Debian Bug report logs 2018-02-21
Debian 862993 tor: Does not start with AppArmor enabled and hidden service directory owned by non-root - Debian Bug report logs 2018-02-21
Debian 869153 tor: CVE-2017-11565: aa-exec is not longer in /usr/sbin and now apparmor is silently scraped - Debian Bug report logs 2018-02-21
Debian 867342 tor: /usr/bin/obfs4proxy fails to load under default combination of apparmor execution permission PUx and systemd NoNewPrivileges=Yes hardening - Deb 2018-02-21
Launchpad 1731698 [SRU] Tor 0.2.9.14 and 0.3.0.13 2018-02-21
Debian 880490 tor: Does not start when the AppArmor LSM is enabled but the apparmor package is not installed - Debian Bug report logs 2018-02-14



About   -   Send Feedback to @ubuntu_updates