On Sat, Jan 21, 2006 at 07:17:36PM -0500, Chris Howie wrote:
Package: tor
Version: 0.1.0.16-1
Severity: grave
Tags: security
Justification: user security hole
Tor isn't included in a Debian stable release, so no need for
a DSA.
Steve
--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
On Sat, 21 Jan 2006, Chris Howie wrote:
Package: tor
Version: 0.1.0.16-1
Severity: grave
Tags: security
Justification: user security hole
Source: http://archives.seul.org/or/announce/Jan-2006/msg1.html
Basically an attacker who can run a fast Tor server can find the location of a
Peter Palfrader wrote:
Also, Tor continues to be as fine as ever for people who don't offer
hidden services, so maybe grave is a bit strong.
Nonetheless it is a serious security hole for people who *do* run hidden
services. I thought grave might be a bit too high, but serious is specifically
3 matches
Mail list logo
