Tor Project has released a new version of its client software to fix a serious vulnerability that allows an attacker to strip users of their anonymity on the network. The new version also includes a number of other security and privacy fixes. The attack that s fixed in this release isn t related to the one publicized by researcher Eric Filiol earlier this week. It relies on the fact that user clients will reuse their. certificates when connecting to different Tor relays, which can enable an attacker. to identify a specific user by his certificate.
Source: https://threatpost.com/new-tor-release-fixes-de-anonymization-attack-102811/75816/