Common Vulnerabilities and Exposures assigned an identifier CVE-2012-2250 to the following vulnerability: Name: CVE-2012-2250 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2250 Assigned: 20120416 Reference: https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog Tor before 0.2.3.24-rc allows remote attackers to cause a denial of service (assertion failure and daemon exit) by performing link protocol negotiation incorrectly. This issue only affects the version of tor in EPEL 5. Fedora and EPEL 6 are using 0.2.3.25 and are therefore not affected.
Created tor tracking bugs for this issue: Affects: epel-5 [bug 1060769]
tor-0.2.4.25-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
All active branches of Fedora and EPEL now have tor 0.2.4.25 and are thus no longer affected by this bug.