CVE-2011-0016

Priority
Medium
Description
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly
manage key data in memory, which might allow local users to obtain
sensitive information by leveraging the ability to read memory that was
previously used by a different process.
References
Bugs
Package
Source: tor (LP Ubuntu Debian)
Upstream:released (0.2.1.29)
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):not-affected (0.2.1.29-1)
Ubuntu 11.10 (Oneiric Ocelot):not-affected (0.2.1.29-1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (0.2.1.29-1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:21:42 UTC (commit 5347)