Candidate: CVE-2011-2768
PublicDate: 2011-12-23 03:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768
Description:
 Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS
 certificate chain as part of an outgoing OR connection, which allows remote
 relays to bypass intended anonymity properties by reading this chain and
 then determining the set of entry guards that the client or bridge had
 selected.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_tor:
upstream_tor: not-affected (0.2.2.35-1)
hardy_tor: ignored (reached end-of-life)
lucid_tor: DNE
maverick_tor: DNE
natty_tor: ignored (reached end-of-life)
oneiric_tor: ignored (reached end-of-life)
precise_tor: not-affected (0.2.2.35-1)
quantal_tor: not-affected (0.2.2.35-1)
raring_tor: not-affected (0.2.2.35-1)
devel_tor: not-affected (0.2.2.35-1)