Bugzilla – Bug 1216873
VUL-0: tor: crash during handshake with a remote relay (TROVE-2023-004 )
Last modified: 2023-11-13 14:10:46 UTC
It was discovered that tor before 0.4.8.8 compiled with OpenSSL can crash during handshake with a remote relay. References: https://gitlab.torproject.org/tpo/core/tor/-/commit/7aa496a2e057bb7c3cc284a04a1a4d2941c304f1 https://gitlab.torproject.org/tpo/core/tor/-/issues/40874 https://gitlab.torproject.org/tpo/core/tor/-/issues/40880
This is an autogenerated message for OBS integration: This bug (1216873) was mentioned in https://build.opensuse.org/request/show/1123277 Backports:SLE-15-SP4+Backports:SLE-15-SP5 / tor
This is an autogenerated message for OBS integration: This bug (1216873) was mentioned in https://build.opensuse.org/request/show/1124759 Backports:SLE-15-SP6 / tor https://build.opensuse.org/request/show/1124760 Backports:SLE-12+Backports:SLE-15-SP4+Backports:SLE-15-SP5 / tor
openSUSE-SU-2023:0361-1: An update that contains security fixes can now be installed. Category: security (moderate) Bug References: 1216873 CVE References: JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): tor-0.4.8.8-bp155.2.3.1 openSUSE Backports SLE-15-SP4 (src): tor-0.4.8.8-bp154.2.15.1
done