Tor: Multiple vulnerabilities
Gentoo Linux Security Advisory
||GLSA 201110-13 / Tor
||October 18, 2011
||October 18, 2011: 1
All supported architectures
Multiple vulnerabilities were found in Tor, the most severe of
which may allow a remote attacker to execute arbitrary code.
Tor is an implementation of second generation Onion Routing, a
connection-oriented anonymizing communication service.
Multiple vulnerabilities have been discovered in Tor. Please review the
CVE identifiers referenced below for details.
A remote unauthenticated attacker may be able to execute arbitrary code
with the privileges of the Tor process or create a Denial of Service.
There is no known workaround at this time.
All Tor users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"
NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since April 2, 2011. It is likely that your system is already
no longer affected by this issue.