[tor-relays] CVE-2015-7547 Tor network stats
nusenu
nusenu at openmailbox.org
Mon Feb 22 22:44:19 UTC 2016
Hi,
if we assume for simplicity that every relay running Linux that has not
rebooted since 2016-02-16 is vulnerable to CVE-2015-7547, than these are
the current stats (optimistic, because we assume that everyone that
rebooted did also update).
Vulnerable relays:
+------------+------------------+-----------------+
| cwfraction | guardprobability | exitprobability |
+------------+------------------+-----------------+
| 0.586 | 0.639 | 0.518 |
+------------+------------------+-----------------+
(1=100%)
Apply patches and reboot.
Debian
https://www.debian.org/security/2016/dsa-3481
RHEL/CentOS
https://rhn.redhat.com/errata/RHSA-2016-0176.html
Ubuntu
http://www.ubuntu.com/usn/usn-2900-1/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160222/96467d91/attachment.sig>
More information about the tor-relays
mailing list