User: Password:
|
|
Subscribe / Log in / New account

tor: poor random number generation

Package(s):tor CVE #(s):CVE-2013-7295
Created:January 28, 2014 Updated:February 13, 2014
Description: From the bug report:

Tor 0.2.4.20 fixes potentially poor random number generation for users who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors, and 4) have no state file in their DataDirectory (as would happen on first start). Users who generated relay or hidden service identity keys in such a situation should discard them and generate new ones.

Alerts:
Mandriva MDVSA-2014:123 tor 2014-06-11
openSUSE openSUSE-SU-2014:0143-1 tor 2014-01-28
Mageia MGASA-2014-0059 tor 2014-02-12

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds