openSUSE-SU-2022:10023-1

Import Source

JSON Data

https://api.osv.dev/v1/vulns/openSUSE-SU-2022:10023-1

Upstream

Related

Published

2022-06-22T19:02:23Z

Modified

2025-05-07T18:14:09.814041Z

Summary

Security update for tor

Details

This update for tor fixes the following issues:

tor was updated to 0.4.7.8:

Fix a scenario where RTT estimation can become wedged, seriously degrading congestion control performance on all circuits. This impacts clients, onion services, and relays, and can be triggered remotely by a malicious endpoint. (TROVE-2022-001, CVE-2022-33903, boo#1200672)
Regenerate fallback directories generated on June 17, 2022.
Update the geoip files to match the IPFire Location Database, as retrieved on 2022/06/17.
Allow the rseq system call in the sandbox
logging bug fixes

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.7.8-bp154.2.3.1

{
    "binaries": [
        {
            "tor": "0.4.7.8-bp154.2.3.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.7.8-bp154.2.3.1

{
    "binaries": [
        {
            "tor": "0.4.7.8-bp154.2.3.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.7.8-bp154.2.3.1

{
    "binaries": [
        {
            "tor": "0.4.7.8-bp154.2.3.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.7.8-bp154.2.3.1

{
    "binaries": [
        {
            "tor": "0.4.7.8-bp154.2.3.1"
        }
    ]
}