The Tor project has released 0.2.2.34 [1] which corrects the following flaws: A design flaw in Tor could allow a malicious relay server to learn certain information that they should not be able to learn. A malicious relay that a user connected to directly could learn which other relays that user is connected to directly. Combining this with other attacks, this flaw could lead to de-anonymizing the user (CVE-2011-2768). [2],[3],[4] In 0.2.2.34, bridges now refuse CREATE or CREATE_FAST cells on OR connections that they initiated. Previously, relays could distinguish incoming bridge connections from client connections, creating another avenue for enumerating bridges (CVE-2011-2769). [5] [1] https://blog.torproject.org/blog/tor-02234-released-security-patches [2] https://gitweb.torproject.org/tor.git/commitdiff/638fdedcf16cf7d6f7c586d36f7ef335c1c9714f [3] https://gitweb.torproject.org/tor.git/commitdiff/00fffbc1a15e2696a89c721d0c94dc333ff419ef [4] https://gitweb.torproject.org/tor.git/commitdiff/4684ced1b3fced0543fa65bf01f75c5d81eaf464 [5] https://gitweb.torproject.org/tor.git/commitdiff/a74e7fd40f1a77eb4000d8216bb5b80cdd8a6193 (I may be slightly off on the git commits, particular for [3] and [4] which look like they are mitigation patches for dealing with unpatched clients; I believe that that [2] is the actual fix for CVE-2011-2768).
Created tor tracking bugs for this issue Affects: epel-5 [bug 749841] Affects: fedora-all [bug 749842]
tor-0.2.1.31-1500.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
tor-0.2.2.34-1600.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
all branches were upgraded a long time ago