openSUSE Leap 15.2: Important Security Update for Tor Announced
opensuse
February 20, 2021
An update that contains security fixes can now be installed.
Description
This update for tor fixes the following issues:
tor was updated to 0.4.5.6:
*
https://archive.torproject.org/websites/lists.torproject.org/pipermail/tor-announce/2021-February/000214.html
* Introduce a new MetricsPort HTTP interface
* Support IPv6 in the torrc Address option
* Add event-tracing library support for USDT and LTTng-UST
* Try to read N of N bytes on a TLS connection
tor was updated to 0.4.4.7:
* https://blog.torproject.org/new-releases-tor-03513-0438-and-0447/
* Stop requiring a live consensus for v3 clients and services
* Re-entry into the network is now denied at the Exit level
* Fix undefined behavior on our Keccak library
* Strip '\r' characters when reading text files on Unix platforms
* Handle partial SOCKS5 messages correctly
* Check channels+circuits on relays more thoroughly (TROVE-2020-005,
boo#1178741)
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-316=1
Package List
- openSUSE Leap 15.2 (x86_64):
tor-0.4.5.6-lp152.2.6.1
tor-debuginfo-0.4.5.6-lp152.2.6.1
tor-debugsource-0.4.5.6-lp152.2.6.1
References
https://bugzilla.suse.com/1178741
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2021:0316-1
Rating: moderate
Affected Products:
openSUSE Leap 15.2
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!