openSUSE Security Update : tor (openSUSE-2017-690)
Medium Nessus Plugin ID 100831
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update to tor 0.2.9.11 fixes the following vulnerabilities :
- CVE-2017-0375: remotely triggerable assertion failure when a hidden service handles a malformed BEGIN cell (bsc#1043455)
- CVE-2017-0376: remotely triggerable assertion failure caused by receiving a BEGIN_DIR cell on a hidden service rendezvous circuit (bsc#1043456)
SolutionUpdate the affected tor packages.