Debian DSA-3993-1 : tor - security update
Medium Nessus Plugin ID 103716
SynopsisThe remote Debian host is missing a security-related update.
DescriptionIt was discovered that the Tor onion service could leak sensitive information to log files if the 'SafeLogging' option is set to '0'.
The oldstable distribution (jessie) is not affected.
SolutionUpgrade the tor packages.
For the stable distribution (stretch), this problem has been fixed in version 0.2.9.12-1.