Tor 0.2.2.39 fixes two more opportunities for remotely triggerable assertions.
https://www.torproject.org/download/download
Changes in version 0.2.2.39 - 2012-09-11 o Security fixes: - Fix an assertion failure in tor_timegm() that could be triggered by a badly formatted directory object. Bug found by fuzzing with Radamsa. Fixes bug 6811; bugfix on 0.2.0.20-rc. - Do not crash when comparing an address with port value 0 to an address policy. This bug could have been used to cause a remote assertion failure by or against directory authorities, or to allow some applications to crash clients. Fixes bug 6690; bugfix on 0.2.1.10-alpha.
tor-announce@lists.torproject.org