In association with heise online

23 January 2009, 11:25

New version of Tor plugs security leak

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Although the Tor project developers recently announced that they had eliminated all errors and security vulnerabilities from their anonymisation software, they were refering to those discovered by Coverity. They have now released version, which plugs a vulnerability pointed out by Ilja van Sprundel, a security specialist.

The vulnerability is reported to be a heap corruption that can be exploited remotely on some systems, but the change log doesn't explain exactly what to make of this. At any rate, they classify this as an important security-related problem and are advising users to update. The new version also eliminates many minor and major errors regarding stability. Ready-made Tor package installers for Windows and Mac are available to download, and there are finished RPMs for Suse Linux and Redhat.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit