-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : tor Version : 0.2.4.27-2
It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority. This update aims to defend against this general class of security bugs. For Debian 7 "Wheezy", this problem has been fixed in version 0.2.4.27-2. For the stable distribution (jessie), this problem has been fixed in version 0.2.5.12-3., for unstable (sid) with version 0.2.8.9-1, and for experimental with 0.2.9.4-alpha-1. Additionally, for wheezy this updates the set of authority directory servers to the one from Tor 0.2.8.7, released in August 2016. We recommend that you upgrade your tor packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJYBj5YAAoJEIYCyCA4cjMfJlgIAKioP6EPic795VGJQAZmpUTy qYxGwMpimRfdOvIAEGxJ9nZhEhFnc9JiHSfi5iSYXMaXU0AqIuYHPFAn3dxfIbJZ dIGlTYgx4XtAuh6q9OYJ3HkUA7jE6BBhLxdVdI/Qkm5cfLCbXhpJLGJx9UF0NDNA ZagIyTBHNtxt+iX3gO1CU1r2BI1IS/UrJD+o0/VeS9qaVaFlZ1nPiQ2XFwbigD1a NOeIUEIou3hbpjZ7UPKnERplA4rCV42872zLJNAkpbqqjdsohxuTfkWEL9Cu72DO 9E9VBMnAubHLN3jY/DbVvsCl+NgT4ALm+0dkK2mL6fbNX3ihbPZQ/59mnKE2QpM= =Xe2n -----END PGP SIGNATURE-----