MGASA-2017-0353

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0353.html

Import Source

https://advisories.mageia.org/MGASA-2017-0353.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0353

Related

CVE-2017-0380

Published

2017-09-21T13:43:32Z

Modified

2017-09-21T13:11:48Z

Summary

Updated tor packages fix security vulnerability

Details

Due to the code that reports an error during the construction of an introduction point circuit, it is possible that some hidden services will sometimes write sensitive information into their logs if the SafeLogging option is disabled. Note that SafeLogging is enabled by default (CVE-2017-0380).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / tor

Package

Name: tor
Purl: pkg:rpm/mageia/tor?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.2.8.15-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:6 / tor

Package

Name: tor
Purl: pkg:rpm/mageia/tor?distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.2.9.12-1.mga6

Ecosystem specific

{
    "section": "core"
}