drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Signaturen in torbrowser-launcher
| Name: |
Mangelnde Prüfung von Signaturen in torbrowser-launcher |
|
| ID: |
FEDORA-2016-b98995ae24 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 23 |
|
| Datum: |
Fr, 25. März 2016, 16:23 |
|
| Referenzen: |
Keine Angabe |
|
| Applikationen: |
torbrowser-launcher |
|
Originalnachricht |
Name : torbrowser-launcher
Product : Fedora 23
Version : 0.2.4
Release : 1.fc23
URL : https://github.com/micahflee/torbrowser-launcher
Summary : Tor Browser Bundle managing tool
Description :
Tor Browser Launcher is intended to make Tor Browser easier to
install and use for GNU/Linux users. You install torbrowser-launcher
from your distribution's package manager and it handles everything else:
* Downloads and installs the most recent version of Tor Browser in your
language
and for your computer's architecture, or launches Tor Browser if it's
already
installed (Tor Browser will automatically update itself)
* Verifies Tor Browser's signature for you, to ensure the version you
downloaded
was cryptographically signed by Tor developers and was not tampered with
* Adds "Tor Browser" and "Tor Browser Launcher Settings"
application launcher
to your desktop environment's menu
* Optionally plays a modem sound when you open Tor Browser
(because Tor is so slow)
-------------------------------------------------------------------------------
-
Update Information:
Fix signature verification bypass attack, reported by Jann Horn
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1317324 - torbrowser-launcher-v0.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317324
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update torbrowser-launcher' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
