openSUSE Security Update: Security update for tor

Announcement ID:    openSUSE-SU-2021:0334-1
Rating:             moderate
References:         #1178741 
Affected Products:
                    openSUSE Backports SLE-15-SP2

   An update that contains security fixes can now be installed.


   This update for tor fixes the following issues:

   tor was updated to

   * Introduce a new MetricsPort HTTP interface
   * Support IPv6 in the torrc Address option
   * Add event-tracing library support for USDT and LTTng-UST
   * Try to read N of N bytes on a TLS connection

   tor was updated to

   * Stop requiring a live consensus for v3 clients and services
   * Re-entry into the network is now denied at the Exit level
   * Fix undefined behavior on our Keccak library
   * Strip '\r' characters when reading text files on Unix platforms
   * Handle partial SOCKS5 messages correctly

   * Check channels+circuits on relays more thoroughly (TROVE-2020-005,

   This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP2:

      zypper in -t patch openSUSE-2021-334=1

Package List:

   - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):