[Bug 219941] New: Tor < 0.1.1.26 has security problem | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219941
Summary: Tor < 0.1.1.26 has security problem
Product: Fedora Extras
Version: fc6
Platform: All
URL: http://archives.seul.org/or/announce/Dec-
2006/msg00000.html
OS/Version: Linux
Status: NEW
Severity: urgent
Priority: urgent
Component: tor
AssignedTo: enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx
ReportedBy: roozbeh@xxxxxxxxxxxxx
QAContact: extras-qa@xxxxxxxxxxxxxxxxx
CC: extras-qa@xxxxxxxxxxxxxxxxx,fedora-security-
list@xxxxxxxxxx
Description of problem:
Tor 0.1.1.26 fixes a serious privacy bug for people who use the
HttpProxyAuthenticator config option: Tor would send your proxy auth
directly to the directory server when you're tunnelling directory
requests through Tor. Specifically, this happens when publishing or
accessing hidden services, or when you have set FascistFirewall or
ReachableAddresses and you're accessing a directory server that's not
reachable directly.
Version-Release number of selected component (if applicable):
tor-0.1.1.25-1.fc6
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
--
Fedora-security-list mailing list
Fedora-security-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-security-list
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Coolkey] [Fedora Tools]
