New version of Tor plugs security leak
Although the Tor project developers recently announced that they had eliminated all errors and security vulnerabilities from their anonymisation software, they were refering to those discovered by Coverity. They have now released version 0.2.0.33, which plugs a vulnerability pointed out by Ilja van Sprundel, a security specialist.
The vulnerability is reported to be a heap corruption that can be exploited remotely on some systems, but the change log doesn't explain exactly what to make of this. At any rate, they classify this as an important security-related problem and are advising users to update. The new version also eliminates many minor and major errors regarding stability. Ready-made Tor package installers for Windows and Mac are available to download, and there are finished RPMs for Suse Linux and Redhat.
See also:
- Tor 0.2.0.33-released
- Tor anonymous network now has zero known bugs, a heise online report
(crve)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
