Fedora Core 10 FEDORA-2009-0917 (tor) Network Vulnerability

Summary

The remote host is missing an update to tor announced via advisory FEDORA-2009-0917.

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update tor' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0917

Insight

Update Information: New upstream release 0.2.0.33, with lots of bug fixes and one security fix: https://blog.torproject.org/blog/tor-0.2.0.33-stable-released ChangeLog: * Thu Jan 22 2009 Enrico Scholz - 0.2.0.33-1 - updated to 0.2.0.33 (SECURITY: fixed heap-corruption bug) * Sun Dec 7 2008 Enrico Scholz - 0.2.0.32-1 - updated to 0.2.0.32 - removed -setgroups patch supplementary groups are now set upstream

References

https://bugzilla.redhat.com/show_bug.cgi?id=481289

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0414

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities