[SECURITY] Fedora 7 Update: tor-

updates at fedoraproject.org updates at fedoraproject.org
Sun Aug 19 15:15:47 UTC 2007

Fedora Update Notification
2007-08-19 08:15:44.398478

Name        : tor
Product     : Fedora 7
Version     :
Release     : 1.fc7
Summary     : Anonymizing overlay network for TCP (The onion router)
Description :
Tor is a connection-based low-latency anonymous communication system.

Applications connect to the local Tor proxy using the SOCKS protocol. The
local proxy chooses a path through a set of relays, in which each relay
knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each relay, which reveals
the downstream relay.

Warnings: Tor does no protocol cleaning.  That means there is a danger
that application protocols and associated programs can be induced to
reveal information about the initiator. Tor depends on Privoxy and
similar protocol cleaners to solve this problem. This is alpha code,
and is even more likely than released code to have anonymity-spoiling
bugs. The present network is very small -- this further reduces the
strength of the anonymity provided. Tor is not presently suitable for
high-stakes anonymity.

Update Information:

* Fri Aug 03 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> -
- updated to (SECURITY)

* Fri Aug  3 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> -
- updated to (SECURITY)
* Sat Jul 28 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> -
- updated to
* Sat May 26 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> -
- updated to

  [ 1 ] Bug #244502
  [ 2 ] Bug #249840
  [ 3 ] CVE-2007-3165
  [ 4 ] CVE-2007-4174
Updated packages:

c61620488084c256607d867bf65204b8478ee18e tor-
e82e0b50b9de31dcf31294c5dee2e1b2ea41e13c tor-lsb-
10c80977e6a250e199afbe7af7ab70752024928d tor-debuginfo-
3c527055884d1c43e34639ebf9e030774ab47b9b tor-core-
509e7fe43097321a878397e1a91ca4d9b12e0025 tor-core-
8b6332f771b918b3b1237694179c97fc508e0450 tor-debuginfo-
fb08a473948e08e754b490a272b05cec5ac9d807 tor-
e87b14a5592e1c65ea38d9142deb2a057b380c0e tor-lsb-
354d2688a01a2ceb579fc4c68b8e478dec23e60a tor-
2cd83eeb84b5134f01699ce922d3797b23cd9ff5 tor-debuginfo-
921f12441c335038c2ee7020c6d5075c4773b154 tor-lsb-
7551b32a2ad1b2c9961a840c5ddc7dbe62b122d1 tor-core-
fa57915f5cf4a51cd6960e4bf6c88b74b4d55a3a tor-debuginfo-
54b766272ac864a11ef3962add0fccbed36c7f65 tor-core-
f37252b781f32c03ef8a96e109dd11af06c6fa70 tor-
60ea4facebed88d420a57cc3a15a9ddf721d1c90 tor-lsb-
d04c30fe34714710eb53ff04d0be45d9827c4be0 tor-

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.

More information about the package-announce mailing list