Red Hat Bugzilla – Bug 244502
CVE-2007-3165: tor < 0.1.2.14 information disclosure
Last modified: 2007-11-30 17:12:07 EST
"Tor before 0.1.2.14 can construct circuits in which an entry guard is in the
same family as the exit node, which might compromise the anonymity of traffic
sources and destinations by exposing traffic to inappropriate remote observers."
It is already built:
But I cannot find it in bodhi.
tor-0.1.2.16-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.