[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] CVE-2015-7547 Tor network stats



Hi,

you say that 64% of the guard relays and 51% of the exit relaysare are unpatched ? That's horrible!

~Josef

Am 22.02.2016 um 23:44 schrieb nusenu:
Hi,

if we assume for simplicity that every relay running Linux that has not
rebooted since 2016-02-16 is vulnerable to CVE-2015-7547, than these are
the current stats (optimistic, because we assume that everyone that
rebooted did also update).

Vulnerable relays:

+------------+------------------+-----------------+
| cwfraction | guardprobability | exitprobability |
+------------+------------------+-----------------+
|      0.586 |            0.639 |           0.518 |
+------------+------------------+-----------------+
(1=100%)

Apply patches and reboot.

Debian
https://www.debian.org/security/2016/dsa-3481

RHEL/CentOS
https://rhn.redhat.com/errata/RHSA-2016-0176.html

Ubuntu
http://www.ubuntu.com/usn/usn-2900-1/



_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays