Common Vulnerabilities and Exposures assigned an identifier CVE-2010-1676 to
the following vulnerability:
Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before
0.2.2.20-alpha allows remote attackers to cause a denial of service
(daemon crash) or possibly execute arbitrary code via unspecified
The updated (v0.2.1.28 version based) version of Tor is already present
in Fedora -testing repository. Once the prescribed testing phase is
finished, the particular packages will be pushed to -stable repository.
This issue affects the version of the tor package, as present within
Please schedule a rebase.
Created tor tracking bugs for this issue
Affects: epel-5 [bug 671263]
fixed long time ago