Tor has released new versions on August 16: https://blog.torproject.org/node/2062 0.3.5.16 fixes a security issue. Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Fixed upstream in 0.3.5.16
openSUSE has issued an advisory for this on August 19: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PMWWIBVBPI5X7QIC5VO3NJURIXL33ROT/
tor-0.3.5.16-1.mga8 uploaded to updates_testing by Jani.
CC: (none) => jani.valimaaWhiteboard: MGA8TOO => (none)Version: Cauldron => 8Assignee: jani.valimaa => qa-bugsStatus comment: Fixed upstream in 0.3.5.16 => (none)
MGA8 64 XFCE. Updates Tor with QA repo. I've checked Tor as follow: systemctl stop tor systemctl start tor systemctl status Tor => Ok tor.service - Anonymizing overlay network for TCP Loaded: loaded (/usr/lib/systemd/system/tor.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2021-08-23 20:36:55 CEST; 7min ago Process: 29716 ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --verify> Main PID: 29717 (tor) Tasks: 1 (limit: 4581) Memory: 37.4M CPU: 1.662s CGroup: /system.slice/tor.service └─29717 /usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc août 23 20:36:54 localhost Tor[29717]: Bootstrapped 0%: Starting août 23 20:36:55 localhost Tor[29717]: Starting with guard context "default" août 23 20:36:55 localhost Tor[29717]: Signaled readiness to systemd août 23 20:36:55 localhost systemd[1]: Started Anonymizing overlay network for TCP. août 23 20:36:55 localhost Tor[29717]: Bootstrapped 10%: Finishing handshake with directory server août 23 20:36:55 localhost Tor[29717]: Bootstrapped 80%: Connecting to the Tor network août 23 20:36:55 localhost Tor[29717]: Bootstrapped 90%: Establishing a Tor circuit août 23 20:36:55 localhost Tor[29717]: Opening Control listener on /run/tor/control août 23 20:36:55 localhost Tor[29717]: Opened Control listener on /run/tor/control août 23 20:36:55 localhost Tor[29717]: Bootstrapped 100%: Done Check Tor on: https://check.torproject.org/ => ok
CC: (none) => guillaume.royer
Debian has issued an advisory for this today (August 23): https://www.debian.org/security/2021/dsa-4961
Mga 8 Gnome Installed Tor with QA repos (tsocks and Tor) systemctl start tor systemctl status tor tor.service - Anonymizing overlay network for TCP Loaded: loaded (/usr/lib/systemd/system/tor.service; disabled; vendor preset: disabled) Active: active (running) since Fri 2021-09-03 17:16:52 CEST; 6s ago Process: 3743 ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/to> Main PID: 3744 (tor) Tasks: 1 (limit: 2320) Memory: 46.6M CPU: 982ms CGroup: /system.slice/tor.service └─3744 /usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc sept. 03 17:16:56 localhost Tor[3744]: I learned some more directory information, but not enough to build a circuit: > sept. 03 17:16:56 localhost Tor[3744]: The current consensus contains exit nodes. Tor can build exit and internal pat> sept. 03 17:16:56 localhost Tor[3744]: Bootstrapped 55%: Loading relay descriptors sept. 03 17:16:56 localhost Tor[3744]: Bootstrapped 62%: Loading relay descriptors sept. 03 17:16:56 localhost Tor[3744]: Bootstrapped 70%: Loading relay descriptors sept. 03 17:16:56 localhost Tor[3744]: Bootstrapped 75%: Loading relay descriptors sept. 03 17:16:56 localhost Tor[3744]: Bootstrapped 80%: Connecting to the Tor network sept. 03 17:16:57 localhost Tor[3744]: Bootstrapped 85%: Finishing handshake with first hop sept. 03 17:16:57 localhost Tor[3744]: Bootstrapped 90%: Establishing a Tor circuit sept. 03 17:16:57 localhost Tor[3744]: Bootstrapped 100%: Done ~ tor --v Sep 03 17:19:23.627 [notice] Tor 0.3.5.16 running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1k, Zlib 1.2.11, Liblzma 5.2.5, and Libzstd 1.4.8. Check Tor on: https://check.torproject.org/ => NOK Sorry. You are not runing Tor.
CC: (none) => hdetavernier
Tor services is enabled at startup and running. After reboot, I've got always this: Sorry. You are not runing Tor.
(In reply to Hugues Detavernier from comment #6) > Tor services is enabled at startup and running. > After reboot, I've got always this: > Sorry. You are not runing Tor. After starting tor.service and tor-master.service, the browser needs to be configured to use a socks5 proxy. In firefox, Edit/Settings, click on the Settings button under Network Settings (very end of the settings), then select "Manual proxy configuration" enter "127.0.0.1" for the SOCKS Host and "9050" for the Port. After that, in my test https://check.torproject.org/ shows ... Congratulations. This browser is configured to use Tor. Your IP address appears to be: 185.220.100.253
CC: (none) => davidwhodgins
Thanks Dave. It's all good.
(In reply to Hugues Detavernier from comment #8) > Thanks Dave. > > It's all good. So this is OK for you, then? If you are satisfied with the results of your test, you should put the appropriate OK (MGA8-64-OK or MGA8-32-OK) in the Whiteboard field near the top of this page.
CC: (none) => andrewsfarm
I should have done so when I posted comment 7. Ok added and update validated.
Whiteboard: (none) => MGA8-64-OKKeywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0426.html
Status: NEW => RESOLVEDResolution: (none) => FIXED