Multiple vulnerabilities were found in Tor, the worst of which could allow remote attackers to cause a Denial of Service condition.
|Package||net-vpn/tor on all architectures|
|Affected versions||< 0.4.2.7|
|Unaffected versions||revision >= 0.4.1.9
revision >= 0.4.2.7
Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service.
Multiple vulnerabilities have been discovered in Tor, and tor. Please review the CVE identifiers referenced below for details.
A remote attacker could possibly cause a Denial of Service condition.
There is no known workaround at this time.
All Tor 0.4.1.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-vpn/tor-0.4.1.9"
All Tor 0.4.2.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-vpn/tor-0.4.2.7"
March 25, 2020
March 25, 2020: 1