It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception (TROVE-2018-001). For the stable distribution (stretch), this problem has been fixed in version 0.2.9.15-1. We recommend that you upgrade your tor packages. For the detailed security status of tor please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tor
It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception (TROVE-2018-001).
For the stable distribution (stretch), this problem has been fixed in version 0.2.9.15-1.
We recommend that you upgrade your tor packages.
For the detailed security status of tor please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tor