CVE-2011-2768 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-2768 Interim 1 9 2022-10-15T17:57:39Z current 2021-05-30T12:58:43Z 2022-10-15T17:57:39Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-2768 Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed tor-0.2.8.11-1.1 tor-0.2.8.11-1.1 as a component of openSUSE Tumbleweed Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected. CVE-2011-2768 openSUSE Tumbleweed:tor-0.2.8.11-1.1 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N