[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-announce] Tor security advisory: OpenSSL flaw

To: tor-announce@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-announce] Tor security advisory: OpenSSL flaw
From: Roger Dingledine <arma@xxxxxxx>
Date: Thu, 10 Apr 2014 04:09:20 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 10 Apr 2014 04:12:01 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-announce/>
List-help: <mailto:tor-announce-request@lists.torproject.org?subject=help>
List-id: "announce: Important announcements relating to Tor" <tor-announce.lists.torproject.org>
List-post: <mailto:tor-announce@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce>, <mailto:tor-announce-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-announce>, <mailto:tor-announce-request@lists.torproject.org?subject=unsubscribe>
Sender: "tor-announce" <tor-announce-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.20 (2009-06-14)

A new OpenSSL vulnerability is out this week, which can be used to reveal
memory to a connected client or server. Tor uses OpenSSL so all Tor users
(clients, relays, etc) are potentially affected.

You can read many more details about the Tor impact on our blog post:
https://blog.torproject.org/blog/openssl-bug-cve-2014-0160

We have released an updated Tor Browser Bundle:
https://blog.torproject.org/blog/tor-browser-354-released

--Roger

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-announce mailing list
tor-announce@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce

Index(es):
- Author
- Thread