Multiple vulnerabilities were found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code.
|Package||net-misc/tor on all architectures|
|Affected versions||< 0.2.1.30|
|Unaffected versions||>= 0.2.1.30|
Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service.
Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.
A remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the Tor process or create a Denial of Service.
There is no known workaround at this time.
All Tor users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.