-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4054-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 03, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tor CVE ID : CVE-2017-8819 CVE-2017-8820 CVE-2017-8821 CVE-2017-8822 CVE-2017-8823 Multiple vulnerabilities have been found in Tor, a connection-based low-latency anonymous communication system. For the oldstable distribution (jessie), these problems have been fixed in version 0.2.5.16-1. For the stable distribution (stretch), these problems have been fixed in version 0.2.9.14-1. We recommend that you upgrade your tor packages. For the detailed security status of tor please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tor Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlokR9MACgkQEMKTtsN8 TjZE9Q//SFF17onhGafnjYY+Sz9xsWRAU1BcZUI9OpoJmOtvzSbQOf4Xd1jQs+Xt p1doWTw/yiKjzqf9Yi5dfhcLVgLJ5TzLLptB5JTAqgkE95C5NL7wNbjvXXbRn1f9 TR+KED8vxd6y6p96IeVMbiMm0ROBIZ3KuWVRlJGFZQtNA+1J/+/7/lP+PGReFyHu 4cq9M0OH8DVGnOW6Qr+xK2gtIC4K3xgAqNBSnC/mmiQkGIJT8eeBJ9Ngm1FutgZK 5WdaC1bPqv8TghwZBeg9TfJl+cJPm74X1gJYEZM8EcI/f/CGaCtZX04ACF5IwPlB fLTMBdGMF2WNc9iklT4RzYe/UMefLLCswFLsH25dwobO4/w/o3++av2smyqmzabe kpSjkcj/z3KbxljHPoXb9j68b3d/yrhypxa/rXfo9yCZvWOgwXY20WzVlqIOyN9C qtGO3V0z257w1C9As+xLybmgdJb+nZMQ8V4ABgaAyMmFFo1BLqMwXDoGt6eaDZr6 Ph1BD7aXay+v8zic5QYJmWwdO9sTmzNCiIWlw/Tb5hkGD6FzcyMPtjW3Ohjc7s8k eyIiY4FZRZwslyIkLhY8tOeen/TOcDkh4T4X6wyDq3jkURqcpICUXwNUtHnK0OA6 xQy80FdX+tOboah+gVxEhqn5rEuAFPP8nQxUR4fsy0r2bDgvWpQ= =BMm1 -----END PGP SIGNATURE-----