From Mageia wiki
MGASA-2012-0356
Date: | December 7th, 2012 |
Affected releases: | 2 |
Description:
Updated tor package fixes security vulnerability:
Denial of Service vulnerability in Tor before 0.2.3.25, due to an error
when handling SENDME cells and can be exploited to cause excessive
consumption of memory resources within an entry node
(SA51329, CVE-2012-5573).
Updated Packages:
tor-0.2.2.39-2.1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573
https://secunia.com/advisories/51329/
https://trac.torproject.org/projects/tor/ticket/6252
http://lists.opensuse.org/opensuse-updates/2012-12/msg00018.html
https://bugs.mageia.org/show_bug.cgi?id=8325