openSUSE Security Update : tor (openSUSE-2016-1526)
Medium Nessus Plugin ID 96174
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for tor updates to version 0.2.8.12 and fixes the following issues :
- a hostile hidden service could cause tor clients to crash (boo#1016343, CVE-2016-1254)
- updated fallback directory list
- updated geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 Country database.
- When Tor leaves standby because of a new application request, open circuits as needed to serve that request
- Clients now respond to new application stream requests immediately when they arrive, rather than waiting up to one second before starting to handle them
SolutionUpdate the affected tor packages.