update to upstream release 0.2.9.14. Fixes: CVE-2017-8819: Replay-cache ineffective for v2 onion services CVE-2017-8820: Remote DoS attack against directory authorities CVE-2017-8821: An attacker can make Tor ask for a password CVE-2017-8822: Relays can pick themselves in a circuit path * CVE-2017-8823: Use-after-free in onion service v2
|submitted||5 months ago|
|in testing||5 months ago|
|in stable||5 months ago|
|modified||5 months ago|
|0||0||#1520864 CVE-2017-8819 CVE-2017-8820 CVE-2017-8821 CVE-2017-8822 CVE-2017-8823 tor: Multiple vulnerabilities [epel-6]|
|0||+1||#1527018 tor-0.2.9.13-1.el7.x86_64 is unsecure and out of date|
Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.