From RedHat bugzilla: Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for remote attackers to enumerate bridges by observing DirPort connections. Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building. Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port. Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value.
The stable version in tree is not affected; this bug is only to clean up and track the CVE numbers. @Blueness, please remove from the tree =net-misc/tor-0.2.1.32
CVE-2011-4897 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4897): Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value.
CVE-2011-4896 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4896): Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port.
CVE-2011-4895 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4895): Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building.
CVE-2011-4894 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4894): Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for remote attackers to enumerate bridges by observing DirPort connections.
Requesting closure, as the current version of Tor is much newer than these CVEs. http://packages.gentoo.org/package/net-misc/tor
Cleanup done, @security, please vote.
GLSA vote: no.
GLSA vote: no. Closing as noglsa.