Optimist

**Name of the Vulnerable Software and Affected Versions** Tor versions prior to 0.2.0.35 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash, by sending a malformed router descriptor. **Recommendations** For versions prior to 0.2.0.35, update to version 0.2.0.35 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Tor versions 0.1.x through 0.1.2.8-beta Tor versions 0.2.x through 0.2.0.35 **Description** The connection edge process relay cell not open function in src/or/relay.c allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. **Recommendations** For Tor versions 0.1.x through 0.1.2.8-beta, update to version 0.1.2.8-beta or later. For Tor versions 0.2.x through 0.2.0.35, update to version 0.2.0.35 or later.