Red Hat Bugzilla – Bug 1467727
CVE-2017-0377 tor: improper implementation of guard-selection algorithm could weaken anonymity
Last modified: 2017-09-20 07:36:40 EDT
Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only
considers the exit relay (not the exit relay's family), which might
allow remote attackers to defeat intended anonymity properties by
leveraging the existence of large families.
Created tor tracking bugs for this issue:
Affects: epel-all [bug 1467728]
Affects: fedora-all [bug 1467729]
Only 0.3.0.x or 0.3.1.x versions were affected by this CVE. Fedora nor EPEL currently ship a Version > 0.2.9.10, which means nobody was affected and this could be closed.