Upstream information
Description
routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack.NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Novell/SUSE information
Novell Bugzilla entry: 776642 SUSE Security Advisories:- openSUSE-SU-2012:1068-1, published Thu, 30 Aug 2012 14:08:46 +0200 (CEST)