tor: security fixes (CVE-2016-8860)
Tor 0.2.8.9 backports a fix for a security hole in previous versions
of Tor that would allow a remote attacker to crash a Tor client,
hidden service, relay, or authority.
Fixed In Version:
tor 0.2.8.9
References:
http://seclists.org/oss-sec/2016/q4/178
https://blog.torproject.org/blog/tor-0289-released-important-fixes
Patch:
https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce
(from redmine: issue id 6381, created on 2016-10-25, closed on 2016-12-22)