[Frugalware-darcs] homepage-ng: FSA195-tor

voroskoi voroskoi at frugalware.org
Thu Jun 7 12:43:32 CEST 2007

Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20070607103554-dd049-9ab4b9b1f13b152ece9568866a4eba2814917113.gz;

voroskoi <voroskoi at frugalware.org>**20070607103554] {
hunk ./frugalware/xml/security.xml 29
+	<fsa>
+		<id>195</id>
+		<date>2007-06-07</date>
+		<author>voroskoi</author>
+		<package>tor</package>
+		<vulnerable></vulnerable>
+		<unaffected></unaffected>
+		<bts>http://bugs.frugalware.org/task/2121</bts>
+		<cve>No CVE for this issue.</cve>
+		<desc>lodger has reported a weakness in Tor, which potentially can be ex=
ploited by malicious people to expose sensitive information. When building =
a circuit, Tor checks if an entry guard is exactly the same as an exit guar=
d, but fails to check if they are also part of the same family. This may we=
aken the Tor security concept and could make it easier to launch certain at=
+	</fsa>

More information about the Frugalware-darcs mailing list