Upstream information

CVE-2021-28090 at MITRE

Description

Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entries: 1183726 [NEW], 1184261 [RESOLVED / DUPLICATE]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
  • tor >= 0.4.5.7-bp152.2.9.1
Patchnames:
openSUSE-2021-474
openSUSE Leap 15.2
  • tor >= 0.4.5.7-lp152.2.9.1
  • tor-debuginfo >= 0.4.5.7-lp152.2.9.1
  • tor-debugsource >= 0.4.5.7-lp152.2.9.1
Patchnames:
openSUSE-2021-461