Lucene search
GoogleOSV:DLA-754-1HistoryDec 20, 2016 - 12:00 a.m.
tor - security update
2016-12-2000:00:00
Google
osv.dev
10
EPSS
0.041
Percentile
92.2%
It was discovered that Tor, a connection-based low-latency anonymous
communication system, may read one byte past a buffer when parsing
hidden service descriptors. This issue may enable a hostile hidden
service to crash Tor clients depending on hardening options and malloc
implementation.
For Debian 7 Wheezy, these problems have been fixed in version
0.2.4.27-3.
We recommend that you upgrade your tor packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>
References
Related
debian
debian
[SECURITY] [DLA 754-1] tor security update
2016-12-20 12:30:42
[SECURITY] [DSA 3741-1] tor security update
2016-12-20 12:17:53
[SECURITY] [DSA 3741-1] tor security update
2016-12-20 12:17:53
openvas
openvas
Fedora Update for tor FEDORA-2016-95b4e9077e
2017-01-01 00:00:00
Mageia: Security Advisory (MGASA-2017-0008)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-754-1)
2023-03-08 00:00:00
nessus
nessus
Debian DLA-754-1 : tor security update
2016-12-21 00:00:00
openSUSE Security Update : tor (openSUSE-2016-1527)
2016-12-29 00:00:00
Fedora 24 : tor (2016-76b646637e)
2017-01-03 00:00:00
ubuntucve
ubuntucve
CVE-2016-1254
2017-12-05 00:00:00
cvelist
cvelist
CVE-2016-1254
2017-12-05 16:00:00
osv
osv
CVE-2016-1254
2017-12-05 16:29:00
tor-0.4.6.7-2.2 on GA media
2024-06-15 00:00:00
debiancve
debiancve
CVE-2016-1254
2017-12-05 16:29:00
cve
cve
CVE-2016-1254
2017-12-05 16:29:00
fedora
fedora
[SECURITY] Fedora 24 Update: tor-0.2.8.12-1.fc24
2016-12-31 08:24:29
[SECURITY] Fedora 25 Update: tor-0.2.8.12-1.fc25
2016-12-31 06:51:14
prion
prion
Design/Logic Flaw
2017-12-05 16:29:00
mageia
mageia
Updated tor package fixes security vulnerability
2017-01-06 12:53:08
nvd
nvd
CVE-2016-1254
2017-12-05 16:29:00