A new version of tor package was made available containing security fixes. External References: https://blog.torproject.org/blog/tor-0289-released-important-fixes References: http://seclists.org/oss-sec/2016/q4/178
Created tor tracking bugs for this issue: Affects: fedora-all [bug 1386500] Affects: epel-all [bug 1386501]
Upstream bug: https://trac.torproject.org/projects/tor/ticket/20384 Upstream patch: https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce CVE assignment: http://seclists.org/oss-sec/2016/q4/193