Debian Security Advisory 5320-1

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5320-1                   [email protected]://www.debian.org/security/                       Moritz MuehlenhoffJanuary 16, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : torCVE ID         : CVE-2023-23589A logic error was discovered in the implementation of the "SafeSocks"option of Tor, a connection-based low-latency anonymous communicationsystem, which did result in allowing unsafe SOCKS4 traffic to pass.For the stable distribution (bullseye), this problem has been fixed inversion 0.4.5.16-1.We recommend that you upgrade your tor packages.For the detailed security status of tor please refer toits security tracker page at:https://security-tracker.debian.org/tracker/torFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIyBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPFo7EACgkQEMKTtsN8TjYBiQ/3Z0/GsDkFaQcjChUneEGZwHDjyw1H/0FzOSbAl6KAjCeiPX645IQZ00Nilqc+uldH8YdXfbM3K330ld25VOb4F7ETgWqeP2nEGtqgTrYkg0EiQFWOtf+cF80wkwo+fK+Okq7FKT2ujBNXnZeUcUfwlUfa+Zuo87g9tYU5WNzyl5SB8F13sq9AyWRZK/1EKJqpeKhsjPfTM06ee2sEXX8vxMXEKvBtzdk5FonAPU2NLv0Nr+P82aFWUsCrSpjN0yU4qN6/mv7ePqWrk+OJlBdTi2sNv7Yu7S/kDnmkiBR0UqkL4eQve/+UUlR0FEVMrzgJKtITT5zLFsmBNHZmx9LDHkAQsNTSefze4SFYSPqykOYvKpF2UmYtwl+wWcttU/He7RVNiw6WE1i4Du+YOyD9BT3nVC2Aql3hcsKGsOHSxWXWUIXFtG9zIagzZ/KGLFWS7VnMXO6x3a7lYTjgR0LzZFruCpSyzh5polM9adaR3PBsoVLfUQpq5c2OWVMEAHbu8hCWPmVLiOnyLo8vTT7lxMwErWNC/fs4WshpDNu2hD+LW8ZZoRpqN2lzlUAsTaxyTLvDblS/NZM4byHfEcB0yFQEWLEreFyNR9qbgo0/gFrWk6OZdT0odTFVTeTUDnlf+WnJnwP8KV5OJl5GHvERnpDwPQCxH6UaPoF1BSos8A==jzew-----END PGP SIGNATURE-----