openSUSE-SU-2021:0316-1: moderate: Security update for tor

openSUSE Security Update: Security update for tor______________________________________________________________________________Announcement ID: openSUSE-SU-2021:0316-1Rating: moderateReferences: #1178741 Affected Products: openSUSE Leap 15.2______________________________________________________________________________ An update that contains security fixes can now be installed.Description: This update for tor fixes the following issues: tor was updated to 0.4.5.6: * https://lists.torproject.org/pipermail/tor-announce/2021-February/000214.ht ml * Introduce a new MetricsPort HTTP interface * Support IPv6 in the torrc Address option * Add event-tracing library support for USDT and LTTng-UST * Try to read N of N bytes on a TLS connection tor was updated to 0.4.4.7: * https://blog.torproject.org/node/1990 * Stop requiring a live consensus for v3 clients and services * Re-entry into the network is now denied at the Exit level * Fix undefined behavior on our Keccak library * Strip ‘\r’ characters when reading text files on Unix platforms * Handle partial SOCKS5 messages correctly * Check channels+circuits on relays more thoroughly (TROVE-2020-005, boo#1178741)Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”. Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-316=1Package List: - openSUSE Leap 15.2 (x86_64): tor-0.4.5.6-lp152.2.6.1 tor-debuginfo-0.4.5.6-lp152.2.6.1 tor-debugsource-0.4.5.6-lp152.2.6.1References: https://bugzilla.suse.com/1178741

More…