The following security holes affect T(A)ILS 0.6.1; one of those is a bug that probably allows remote code execution; see the Tor project blog post for details.

We strongly urge you to upgrade to T(A)ILS 0.6.2 in case you are still using an older version.

  • Tor (DSA-2148-1)
  • Linux kernel (many issues)
  • Iceweasel libraries: NSS (DSA-2141-2)
  • OpenSSL (DSA-2141)
  • Glibc (DSA-2122)
  • libxml2 (DSA-2137)
  • dpkg (DSA-2142)

These are Debian security announces; details can be found on