openSUSE Security Update : tor (openSUSE-SU-2014:0143-1)
Medium Nessus Plugin ID 75409
SynopsisThe remote openSUSE host is missing a security update.
Description- fixes potentially poor random number generation for users who 1) use OpenSSL 1.0.0 or later, 2) set 'HardwareAccel 1' in their torrc file, 3) have 'Sandy Bridge' or 'Ivy Bridge' Intel processors and 4) have no state file in their DataDirectory (as would happen on first start). Users who generated relay or hidden service identity keys in such a situation should discard them and generate new ones. No 2 is not the default configuration for openSUSE. [bnc#859421] [CVE-2013-7295]
- added patches :
SolutionUpdate the affected tor packages.