Fedora 14 : tor-0.2.1.28-1400.fc14 (2010-19147)
Critical Nessus Plugin ID 51391
SynopsisThe remote Fedora host is missing a security update.
DescriptionMajor bugfixes :
- Fix a remotely exploitable bug that could be used to crash instances of Tor remotely by overflowing on the heap. Remote-code execution hasn't been confirmed, but can't be ruled out. Everyone should upgrade.
Directory authority changes :
- Change IP address and ports for gabelmoo (v3 directory authority).
Minor features :
- Update to the December 1 2010 Maxmind GeoLite Country database.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected tor package.