Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
89
security advisorydenial of servicefedoraFedora 43 Tor Security Update Resolves Denial Of Service Vulnerabilities
Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0c38968a1b 2026-05-26 01:20:50.020957+00:00 -------------------------------------------------------------------------------- Name : tor Product : Fedora 43 Version : 0.4.9.8 Release : 1.fc43 URL : https://www.torproject.org Summary : Anonymizing overlay network for TCP Description : The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. This package contains the Tor software that can act as either a server on the Tor network, or as a client to connect to the Tor network. -------------------------------------------------------------------------------- Update Information: Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559 -------------------------------------------------------------------------------- ChangeLog: * Fri May 15 2026 Marcel Hrry - 0.4.9.8-1 - Update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-25-and-0-4-9-8/21559 - Fix CVE-2026-44600 (bz#2476455 / bz#2476454) - Fix CVE-2026-44599 (bz#2476453 / bz#2476452) - Fix CVE-2026-44597 (bz#2476451 / bz#2476450) - Fix CVE-2026-44601 (bz#2467732 / bz#2467731) - Fix CVE-2026-44603 (bz#2467720 / bz#2467719) - FixCVE-2026-44602 (bz#2467718 / nz@2467717) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2467295 - tor-0.4.9.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2467295 [ 2 ] Bug #2467718 - CVE-2026-44602 tor: Tor: Denial of service via out-of-order CERT cell [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2467718 [ 3 ] Bug #2467719 - CVE-2026-44603 tor: Tor: Denial of Service via malformed BEGIN cell [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2467719 [ 4 ] Bug #2467732 - CVE-2026-44601 tor: Tor: Client crash due to double close of a circuit [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2467732 [ 5 ] Bug #2476451 - CVE-2026-44597 tor: Tor: Denial of Service due to out-of-bounds read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476451 [ 6 ] Bug #2476453 - CVE-2026-44599 tor: Tor: Low integrity impact via directory message manipulation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476453 [ 7 ] Bug #2476455 - CVE-2026-44600 tor: Tor: Denial of Service due to mishandling of conflux out-of-order queue accounting [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476455 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0c38968a1b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for Fedora 43 Tor to the latest upstream release with security fixes for various issues, improving overall privacy.. Fedora Tor update, privacysoftware, Denial of Service prevention, security fixes. . Severity: Important. LinuxSecurity.com Team
May 26, 2026
•Important
Fedora
89
security advisorydenial of serviceFedoraFedora 34: 2021-1b60c984e5 Critical: Tor Denial of Service Fix
update to latest upstream release - fix CVE-2021-34548, CVE-2021-34549, CVE-2021-34550. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-1b60c984e5 2021-06-23 01:06:45.412601 --------------------------------------------------------------------------------Name : tor Product : Fedora 34 Version : 0.4.5.9 Release : 1.fc34 URL : https://www.torproject.org Summary : Anonymizing overlay network for TCP Description : The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. This package contains the Tor software that can act as either a server on the Tor network, or as a client to connect to the Tor network. --------------------------------------------------------------------------------Update Information: update to latest upstream release - fix CVE-2021-34548, CVE-2021-34549, CVE-2021-34550 --------------------------------------------------------------------------------ChangeLog: --------------------------------------------------------------------------------References: [ 1 ] Bug #1972879 - CVE-2021-34548 tor: RELAY_END or RELAY_RESOLVED spoofing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1972879 [ 2 ] Bug #1972882 - CVE-2021-34549 tor: hashtable-based CPU denial-of-service attack against relays [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1972882 [ 3 ] Bug #1972886 - CVE-2021-34550 tor: out-of-bounds memory access in v3 onion service descriptor parsing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1972886 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-1b60c984e5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jun 22, 2021
•Critical
Fedora
89
security advisoryFedorasecurity fixFedora 26: FEDORA-2018-18a0cf206b Critical: Tor Security Update
Update to latest version. Security-Fixes TROVE-2018-001, TROVE-2018-002,. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-18a0cf206b 2018-03-12 18:19:23.509144 --------------------------------------------------------------------------------Name : tor Product : Fedora 26 Version : 0.3.1.10 Release : 1.fc26 URL : https://www.torproject.org Summary : Anonymizing overlay network for TCP Description : The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. This package contains the Tor software that can act as either a server on the Tor network, or as a client to connect to the Tor network. --------------------------------------------------------------------------------Update Information: Update to latest version. Security-Fixes TROVE-2018-001, TROVE-2018-002, --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade tor' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Mar 12, 2018
•Critical
Fedora
89
security advisoryFedoraDoSFedora 27: 2017-12-17 Moderate: Tor Remote DoS Security Update
update to upstream release 0.3.1.9. Fixes various CVEs: CVE-2017-8819: Replay- cache ineffective for v2 onion services CVE-2017-8820: Remote DoS attack against directory authorities CVE-2017-8821: An attacker can make Tor ask for a password CVE-2017-8822: Relays can pick themselves in a circuit path CVE-2017-8823: Use- after-free in onion service v2. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-bc2edc421d 2017-12-17 18:55:59.523790 --------------------------------------------------------------------------------Name : tor Product : Fedora 27 Version : 0.3.1.9 Release : 1.fc27 URL : https://www.torproject.org Summary : Anonymizing overlay network for TCP Description : The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. This package contains the Tor software that can act as either a server on the Tor network, or as a client to connect to the Tor network. --------------------------------------------------------------------------------Update Information: update to upstream release 0.3.1.9. Fixes various CVEs: CVE-2017-8819: Replay-cache ineffective for v2 onion services CVE-2017-8820: Remote DoS attack against directory authorities CVE-2017-8821: An attacker can make Tor ask for a password CVE-2017-8822: Relays can pick themselves in a circuit path CVE-2017-8823: Use-after-free in onionservice v2 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade tor' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Dec 17, 2017
Fedora
89
security advisorymoderatefedoraFedora 23: 2016-1234 Critical: OpenSSH Security Update Required Now
Update to upstream release 0.2.5.12. Update to upstream release 0.2.5.11.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-5890 2015-04-09 15:30:34 -------------------------------------------------------------------------------- Name : tor Product : Fedora 22 Version : 0.2.5.12 Release : 1.fc22 URL : https://www.torproject.org Summary : Anonymizing overlay network for TCP (The onion router) Description : Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each relay, which reveals the downstream relay. Warnings: Tor does no protocol cleaning. That means there is a danger that application protocols and associated programs can be induced to reveal information about the initiator. Tor depends on Privoxy and similar protocol cleaners to solve this problem. This is alpha code, and is even more likely than released code to have anonymity-spoiling bugs. The present network is very small -- this further reduces the strength of the anonymity provided. Tor is not presently suitable for high-stakes anonymity. -------------------------------------------------------------------------------- Update Information: Update to upstream release 0.2.5.12. Update to upstream release 0.2.5.11. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1209804 - CVE-2015-2928 CVE-2015-2929 tor: multiple issues fixed in the new upstream releases https://bugzilla.redhat.com/show_bug.cgi?id=1209804 [ 2 ] Bug #1204773 - CVE-2015-2688 CVE-2015-2689 tor: security fixes in 0.2.4.26 and 0.2.5.11 https://bugzilla.redhat.com/show_bug.cgi?id=1204773 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update tor' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 21, 2015
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!