A number of security issues were found in tor. The following is taken from their announcements mailing list: Changes in version 0.2.0.34 - 2009-02-08 o Security fixes: - Fix an infinite-loop bug on handling corrupt votes under certain circumstances. Bugfix on 0.2.0.8-alpha. - Fix a temporary DoS vulnerability that could be performed by a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark. - Avoid a potential crash on exit nodes when processing malformed input. Remote DoS opportunity. Bugfix on 0.2.0.33. - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid. Spec conformance issue. Bugfix on Tor 0.0.2pre27. References: http://archives.seul.org/or/announce/Feb-2009/msg00000.html http://bugs.gentoo.org/show_bug.cgi?id=258833
*** This bug has been marked as a duplicate of bug 485021 ***