Lucene search

DebianDEBIAN:DSA-4932-1:FE225

HistoryJun 18, 2021 - 5:39 p.m.

[SECURITY] [DSA 4932-1] tor security update

2021-06-1817:39:55

lists.debian.org

tor

debian

cve-2021-34548

cve-2021-34549

cve-2021-34550

denial of service

spoofing

security update

low-latency communication

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

8.3

Confidence

High

EPSS

0.007

Percentile

81.2%

JSON

Debian Security Advisory DSA-4932-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
June 18, 2021 https://www.debian.org/security/faq

Package : tor
CVE ID : CVE-2021-34548 CVE-2021-34549 CVE-2021-34550
Debian Bug : 990000

Multiple security vulnerabilities were discovered in Tor, a
connection-based low-latency anonymous communication system, which
could result in denial of service or spoofing.

For the stable distribution (buster), these problems have been fixed in
version 0.3.5.15-1.

We recommend that you upgrade your tor packages.

For the detailed security status of tor please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tor

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian10mipseltor< 0.3.5.15-1tor_0.3.5.15-1_mipsel.deb
Debian10mipseltor-dbgsym< 0.3.5.15-1tor-dbgsym_0.3.5.15-1_mipsel.deb
Debian10arm64tor< 0.3.5.15-1tor_0.3.5.15-1_arm64.deb
Debian10arm64tor-dbgsym< 0.3.5.15-1tor-dbgsym_0.3.5.15-1_arm64.deb
Debian10armhftor-dbgsym< 0.3.5.15-1tor-dbgsym_0.3.5.15-1_armhf.deb
Debian10amd64tor-dbgsym< 0.3.5.15-1tor-dbgsym_0.3.5.15-1_amd64.deb
Debian10mips64eltor< 0.3.5.15-1tor_0.3.5.15-1_mips64el.deb
Debian10armhftor< 0.3.5.15-1tor_0.3.5.15-1_armhf.deb
Debian10s390xtor< 0.3.5.15-1tor_0.3.5.15-1_s390x.deb
Debian10alltor< 0.3.5.15-1tor_0.3.5.15-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	mipsel	tor	< 0.3.5.15-1	tor_0.3.5.15-1_mipsel.deb
Debian	10	mipsel	tor-dbgsym	< 0.3.5.15-1	tor-dbgsym_0.3.5.15-1_mipsel.deb
Debian	10	arm64	tor	< 0.3.5.15-1	tor_0.3.5.15-1_arm64.deb
Debian	10	arm64	tor-dbgsym	< 0.3.5.15-1	tor-dbgsym_0.3.5.15-1_arm64.deb
Debian	10	armhf	tor-dbgsym	< 0.3.5.15-1	tor-dbgsym_0.3.5.15-1_armhf.deb
Debian	10	amd64	tor-dbgsym	< 0.3.5.15-1	tor-dbgsym_0.3.5.15-1_amd64.deb
Debian	10	mips64el	tor	< 0.3.5.15-1	tor_0.3.5.15-1_mips64el.deb
Debian	10	armhf	tor	< 0.3.5.15-1	tor_0.3.5.15-1_armhf.deb
Debian	10	s390x	tor	< 0.3.5.15-1	tor_0.3.5.15-1_s390x.deb
Debian	10	all	tor	< 0.3.5.15-1	tor_0.3.5.15-1_all.deb