Update Info

openSUSE-2021-1192


Security update for tor


Type: security
Severity: moderate
Issued: 2021-08-25
Description:
This update for tor fixes the following issues:

tor 0.4.6.7:

* Fix a DoS via a remotely triggerable assertion failure
  (boo#1189489, TROVE-2021-007, CVE-2021-38385)

tor 0.4.6.6:

* Enable the deterministic RNG for unit tests that covers the
  address set bloomfilter-based API's

tor 0.4.6.5

* Add controller support for creating v3 onion services with
  client auth
* When voting on a relay with a Sybil-like appearance, add the
  Sybil flag when clearing out the other flags. This lets a relay
  operator know why their relay hasn't been included in the
  consensus
* Relays now report how overloaded they are
* Add a new DoS subsystem to control the rate of client
  connections for relays
* Relays now publish statistics about v3 onions services
* Improve circuit timeout algorithm for client performance


              

Packages


  • tor-0.4.6.7-bp153.2.6.1