Quoting tor 0.2.0.33 release announcement: Security fixes: * Fix a heap-corruption bug that may be remotely triggerable on some platforms. Reported by Ilja van Sprundel. https://blog.torproject.org/blog/tor-0.2.0.33-stable-released
tor-0.2.0.33-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
tor-0.2.0.33-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
CVE-2009-0414: Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption.
Updates are already stable: https://admin.fedoraproject.org/updates/F9/FEDORA-2009-0897 https://admin.fedoraproject.org/updates/F10/FEDORA-2009-0917
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0414 to the following vulnerability (adding just for completeness): Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0414 http://archives.seul.org/or/announce/Jan-2009/msg00000.html http://blog.torproject.org/blog/tor-0.2.0.33-stable-released http://www.securityfocus.com/bid/33399 http://www.frsirt.com/english/advisories/2009/0210 http://www.securitytracker.com/id?1021633 http://secunia.com/advisories/33635 http://secunia.com/advisories/33677