openSUSE Security Update: Security update for tor
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1524-1
Rating:             moderate
References:         #1192658
Cross-References:   CVE-2021-22929
Affected Products:  openSUSE Backports SLE-15-SP2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for tor fixes the following issues:

tor 0.4.6.8:

* Improving reporting of general overload state for DNS timeout errors by relays
* Regenerate fallback directories for October 2021
* Bug fixes for onion services
* CVE-2021-22929: do not log v2 onion services access attempt warnings on disk excessively (TROVE-2021-008, boo#1192658)

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP2:

    zypper in -t patch openSUSE-2021-1524=1

Package List:

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le x86_64):

    tor-0.4.6.8-bp152.2.18.1

References:

https://www.suse.com/security/cve/CVE-2021-22929.html
https://bugzilla.suse.com/1192658

LinuxSecurity.com Team

openSUSE Security Update: Security update for tor
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1192-1
Rating:             moderate
References:         #1189489
Cross-References:   CVE-2021-38385
Affected Products:  openSUSE Backports SLE-15-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for tor fixes the following issues:

tor 0.4.6.7:

* Fix a DoS via a remotely triggerable assertion failure (boo#1189489, TROVE-2021-007, CVE-2021-38385)

tor 0.4.6.6:

* Enable the deterministic RNG for unit tests that covers the address set bloomfilter-based APIs

tor 0.4.6.5:

* Add controller support for creating v3 onion services with client auth
* When voting on a relay with a Sybil-like appearance, add the Sybil flag when clearing out the other flags. This lets a relay operator know why their relay hasn't been included in the consensus
* Relays now report how overloaded they are
* Add a new DoS subsystem to control the rate of client connections for relays
* Relays now publish statistics about v3 onion services
* Improve circuit timeout algorithm for client performance

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

    zypper in -t patch openSUSE-2021-1192=1

Package List:

- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):

    tor-0.4.6.7-bp153.2.6.1

References:

https://www.suse.com/security/cve/CVE-2021-38385.html
https://bugzilla.suse.com/1189489

openSUSE Security Update: Security update for tor
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0926-1
Rating:             important
References:         #1179331 #1181244 #1187322 #1187323 #1187324 #1187325
Cross-References:   CVE-2021-34548 CVE-2021-34549 CVE-2021-34550
Affected Products:  openSUSE Leap 15.2
______________________________________________________________________________

An update that solves three vulnerabilities and has three fixes is now available.

Description:

This update for tor fixes the following issues:

tor 0.4.5.9

* Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell (CVE-2021-34548, boo#1187322)
* Detect more failure conditions from the OpenSSL RNG code (boo#1187323)
* Resist a hashtable-based CPU denial-of-service attack against relays (CVE-2021-34549, boo#1187324)
* Fix an out-of-bounds memory access in v3 onion service descriptor parsing (CVE-2021-34550, boo#1187325)

tor 0.4.5.8

* https://archive.torproject.org/websites/lists.torproject.org/pipermail/tor-announce/2021-May/000219.html
* allow Linux sandbox with Glibc 2.33
* work with autoconf 2.70+
* several other minor features and bugfixes (see announcement)

- Fix logging issue due to systemd picking up stdout - boo#1181244
  Continue to log notices to syslog by default.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2021-926=1

Package List:

- openSUSE Leap 15.2 (x86_64):

    tor-0.4.5.9-lp152.2.12.1
    tor-debuginfo-0.4.5.9-lp152.2.12.1
    tor-debugsource-0.4.5.9-lp152.2.12.1

References:

https://www.suse.com/security/cve/CVE-2021-34548.html
https://www.suse.com/security/cve/CVE-2021-34549.html
https://www.suse.com/security/cve/CVE-2021-34550.html
https://bugzilla.suse.com/1179331
https://bugzilla.suse.com/1181244
https://bugzilla.suse.com/1187322
https://bugzilla.suse.com/1187323
https://bugzilla.suse.com/1187324
https://bugzilla.suse.com/1187325

openSUSE Security Update: Security update for tor
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0461-1
Rating:             moderate
References:         #1183726
Cross-References:   CVE-2021-28089 CVE-2021-28090
Affected Products:  openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for tor fixes the following issues:

tor was updated to 0.4.5.7

* https://archive.torproject.org/websites/lists.torproject.org/pipermail/tor-announce/2021-March/000216.html
* Fix 2 denial of service security issues (boo#1183726)
  + Disable the dump_desc() function that we used to dump unparseable information to disk (CVE-2021-28089)
  + Fix a bug in appending detached signatures to a pending consensus document that could be used to crash a directory authority (CVE-2021-28090)
* Ship geoip files based on the IPFire Location Database

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2021-461=1

Package List:

- openSUSE Leap 15.2 (x86_64):

    tor-0.4.5.7-lp152.2.9.1
    tor-debuginfo-0.4.5.7-lp152.2.9.1
    tor-debugsource-0.4.5.7-lp152.2.9.1

References:

https://www.suse.com/security/cve/CVE-2021-28089.html
https://www.suse.com/security/cve/CVE-2021-28090.html
https://bugzilla.suse.com/1183726

openSUSE Security Update: Security update for tor
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1107-1
Rating:             moderate
References:         #1126340
Cross-References:   CVE-2019-8955
Affected Products:  openSUSE Leap 42.3
                    openSUSE Leap 15.0
                    openSUSE Backports SLE-15
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for tor to version 0.3.4.11 fixes the following issues:

Security issue fixed:

- CVE-2019-8955: Fixed a vulnerability in the KIST cell scheduler which could lead to memory exhaustion and finally Denial-of-Service (bsc#1126340).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

    zypper in -t patch openSUSE-2019-1107=1

- openSUSE Leap 15.0:

    zypper in -t patch openSUSE-2019-1107=1

- openSUSE Backports SLE-15:

    zypper in -t patch openSUSE-2019-1107=1

Package List:

- openSUSE Leap 42.3 (i586 x86_64):

    tor-0.3.4.11-21.1
    tor-debuginfo-0.3.4.11-21.1
    tor-debugsource-0.3.4.11-21.1

- openSUSE Leap 15.0 (x86_64):

    tor-0.3.4.11-lp150.22.1
    tor-debuginfo-0.3.4.11-lp150.22.1
    tor-debugsource-0.3.4.11-lp150.22.1

- openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64):

    tor-0.3.4.11-bp150.3.6.1

References:

https://www.suse.com/security/cve/CVE-2019-8955.html
https://bugzilla.suse.com/1126340

Debian Security Advisory DSA-3993-1

It was discovered that the Tor onion service could leak sensitive information to log files if the "SafeLogging" option is set to "0". The oldstable distribution (jessie) is not affected.