Change log for tor package in Ubuntu
1 → 75 of 144 results | First • Previous • Next • Last |
Published in oracular-proposed |
tor (0.4.8.11-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Fri, 12 Apr 2024 09:22:56 +0200
Published in oracular-release |
Published in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
tor (0.4.8.10-1build2) noble; urgency=medium * No-change rebuild for libevent t64. -- Matthias Klose <email address hidden> Mon, 01 Apr 2024 10:14:55 +0200
Available diffs
- diff from 0.4.8.10-1build1 to 0.4.8.10-1build2 (270 bytes)
tor (0.4.8.10-1build1) noble; urgency=medium * No-change rebuild against libssl3t64 -- Steve Langasek <email address hidden> Tue, 05 Mar 2024 02:06:21 +0000
Available diffs
Deleted in noble-updates (Reason: superseded by release) |
Superseded in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
tor (0.4.8.10-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Sun, 10 Dec 2023 20:09:09 +0100
Available diffs
- diff from 0.4.8.9-1 to 0.4.8.10-1 (204.8 KiB)
tor (0.4.8.9-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Fri, 10 Nov 2023 18:29:41 +0100
Available diffs
- diff from 0.4.8.7-1 to 0.4.8.9-1 (435.0 KiB)
- diff from 0.4.8.8-1 to 0.4.8.9-1 (145.0 KiB)
tor (0.4.8.8-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Sun, 05 Nov 2023 18:58:59 +0100
Available diffs
- diff from 0.4.8.7-1 to 0.4.8.8-1 (360.3 KiB)
tor (0.4.8.7-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Wed, 04 Oct 2023 19:58:14 +0200
Available diffs
- diff from 0.4.8.4-2 to 0.4.8.7-1 (819.9 KiB)
Superseded in noble-release |
Published in mantic-release |
Deleted in mantic-proposed (Reason: Moved to mantic) |
tor (0.4.8.4-2) unstable; urgency=medium * Enable building with the Proof-of-Work feature by configuring with --enable-gpl. Note that this causes the resulting binary to be covered by the GPL. -- Peter Palfrader <email address hidden> Thu, 24 Aug 2023 08:02:38 +0200
Available diffs
- diff from 0.4.7.13-1 to 0.4.8.4-2 (1.3 MiB)
Superseded in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
tor (0.4.7.13-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Thu, 12 Jan 2023 18:31:32 +0100
Available diffs
- diff from 0.4.7.12-1 to 0.4.7.13-1 (293.6 KiB)
tor (0.4.7.12-1) unstable; urgency=medium * New upstream version. * Put tor services after network-online.target instead of after network.target (re: tpo/core/tor#40679). -- Peter Palfrader <email address hidden> Sat, 10 Dec 2022 17:15:53 +0100
Available diffs
- diff from 0.4.7.11-1 to 0.4.7.12-1 (206.7 KiB)
tor (0.4.7.11-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Sat, 12 Nov 2022 09:58:38 +0100
Available diffs
Superseded in lunar-release |
Obsolete in kinetic-release |
Deleted in kinetic-proposed (Reason: Moved to kinetic) |
tor (0.4.7.10-1build1) kinetic; urgency=medium * No-change rebuild against libevent-2.1-7a (LP: #1990941) -- Benjamin Drung <email address hidden> Fri, 07 Oct 2022 19:58:46 +0200
Available diffs
tor (0.4.7.10-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Wed, 17 Aug 2022 21:26:27 +0200
Available diffs
- diff from 0.4.7.9-1 to 0.4.7.10-1 (524.1 KiB)
tor (0.4.7.9-1) unstable; urgency=medium [ Pier Angelo Vendrame ] * Update apparmor policy to allow running snowflake-client. [ Peter Palfrader ] * New upstream version. -- Peter Palfrader <email address hidden> Thu, 11 Aug 2022 17:47:24 +0200
Available diffs
- diff from 0.4.7.8-1 to 0.4.7.9-1 (781.7 KiB)
tor (0.4.7.8-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Sun, 19 Jun 2022 14:19:53 +0200
Available diffs
- diff from 0.4.7.7-1 to 0.4.7.8-1 (239.4 KiB)
tor (0.4.7.7-1) unstable; urgency=medium * Upload 0.4.7.x tree to unstable. * New upstream version. -- Peter Palfrader <email address hidden> Wed, 27 Apr 2022 23:52:43 +0200
Available diffs
- diff from 0.4.6.10-1 to 0.4.7.7-1 (660.7 KiB)
Superseded in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
tor (0.4.6.10-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Sun, 27 Feb 2022 13:58:14 +0100
Available diffs
- diff from 0.4.6.9-1 to 0.4.6.10-1 (272.8 KiB)
tor (0.4.6.9-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Sun, 19 Dec 2021 10:52:57 +0100
Available diffs
tor (0.4.6.8-1build1) jammy; urgency=medium * No-change rebuild against openssl3 -- Simon Chopin <email address hidden> Mon, 29 Nov 2021 16:22:57 +0100
Available diffs
tor (0.4.6.8-1) unstable; urgency=medium * Upload 0.4.6.x tree to unstable. * New upstream version. -- Peter Palfrader <email address hidden> Sun, 31 Oct 2021 13:35:00 +0100
Available diffs
- diff from 0.4.5.9-1 to 0.4.6.8-1 (672.1 KiB)
- diff from 0.4.5.10-1 to 0.4.6.8-1 (352.5 KiB)
Superseded in jammy-proposed |
tor (0.4.5.10-1) unstable; urgency=medium * New upstream version. - Resolve an assertion failure caused by a behavior mismatch between our batch-signature verification code and our single-signature verification code. This assertion failure could be triggered remotely, leading to a denial of service attack. We fix this issue by disabling batch verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de Valence. -- Peter Palfrader <email address hidden> Tue, 17 Aug 2021 19:34:05 +0200
Superseded in jammy-release |
Obsolete in impish-release |
Deleted in impish-proposed (Reason: Moved to impish) |
tor (0.4.5.9-1) unstable; urgency=medium * New upstream version, fixing several (security) issues (closes: #990000). For a full list see the upstream changelog. It includes: - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it. Bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021- 003 and CVE-2021-34548. - Detect more failure conditions from the OpenSSL RNG code. Previously, we would detect errors from a missing RNG implementation, but not failures from the RNG code itself. Fortunately, it appears those failures do not happen in practice when Tor is using OpenSSL's default RNG implementation. Bugfix on 0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004. Reported by Jann Horn at Google's Project Zero. - Resist a hashtable-based CPU denial-of-service attack against relays. Previously we used a naive unkeyed hash function to look up circuits in a circuitmux object. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now we use a SipHash construction here instead. Bugfix on 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and CVE-2021-34549. Reported by Jann Horn from Google's Project Zero. - Fix an out-of-bounds memory access in v3 onion service descriptor parsing. An attacker could exploit this bug by crafting an onion service descriptor that would crash any client that tried to visit it. Bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei Glazunov from Google's Project Zero. -- Peter Palfrader <email address hidden> Fri, 18 Jun 2021 11:06:56 +0200
Available diffs
- diff from 0.4.5.8-1 to 0.4.5.9-1 (155.4 KiB)
tor (0.4.5.8-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Wed, 19 May 2021 08:51:43 +0200
Available diffs
- diff from 0.4.5.7-1 to 0.4.5.8-1 (348.3 KiB)
tor (0.4.5.7-1) unstable; urgency=high * New upstream version, fixes two security issues: - Disable the dump_desc() function. (TROVE-2021-001 and CVE-2021-28089). - Fix a bug in appending detached signatures. (TROVE-2021-002 and CVE-2021-28090) -- Peter Palfrader <email address hidden> Tue, 16 Mar 2021 15:01:09 +0100
Available diffs
- diff from 0.4.5.6-1 to 0.4.5.7-1 (2.0 MiB)
Superseded in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
tor (0.4.5.6-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Tue, 16 Feb 2021 08:43:47 +0100
Available diffs
- diff from 0.4.5.5-rc-1 to 0.4.5.6-1 (17.3 KiB)
tor (0.4.5.5-rc-1) unstable; urgency=medium * New upstream version. * Upload 0.4.5.x tree to unstable; this is the last RC of that tree. If all goes well, it will be the next stable, so try to get it some more testing. -- Peter Palfrader <email address hidden> Tue, 02 Feb 2021 07:36:28 +0100
Available diffs
- diff from 0.4.4.6-1 to 0.4.5.5-rc-1 (901.0 KiB)
tor (0.4.4.6-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Thu, 12 Nov 2020 14:11:45 +0100
Available diffs
- diff from 0.4.4.5-1 to 0.4.4.6-1 (14.3 KiB)
Superseded in hirsute-release |
Obsolete in groovy-release |
Deleted in groovy-proposed (Reason: moved to Release) |
tor (0.4.4.5-1) unstable; urgency=medium * Upload 0.4.4.x tree to unstable. * New upstream version. -- Peter Palfrader <email address hidden> Tue, 15 Sep 2020 15:39:59 +0200
Available diffs
- diff from 0.4.3.6-1 to 0.4.4.5-1 (314.7 KiB)
tor (0.4.3.6-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Mon, 13 Jul 2020 11:56:30 +0200
Available diffs
- diff from 0.4.3.5-1 to 0.4.3.6-1 (14.2 KiB)
tor (0.4.3.5-1) unstable; urgency=medium * Upload 0.4.3.x tree to unstable. * New upstream version. -- Peter Palfrader <email address hidden> Fri, 15 May 2020 15:01:38 +0200
Available diffs
- diff from 0.4.2.7-1 to 0.4.3.5-1 (745.9 KiB)
Superseded in groovy-release |
Published in focal-release |
Deleted in focal-proposed (Reason: moved to Release) |
tor (0.4.2.7-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Wed, 18 Mar 2020 21:33:26 +0100
Available diffs
- diff from 0.4.2.6-1 to 0.4.2.7-1 (15.5 KiB)
tor (0.4.2.6-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Fri, 31 Jan 2020 10:15:07 +0100
Available diffs
- diff from 0.4.2.5-1 to 0.4.2.6-1 (5.6 KiB)
tor (0.4.2.5-1) unstable; urgency=medium * Upload 0.4.2.x tree to unstable. * New upstream version. -- Peter Palfrader <email address hidden> Mon, 16 Dec 2019 10:24:22 +0100
Available diffs
- diff from 0.4.1.6-1 to 0.4.2.5-1 (1.2 MiB)
tor (0.4.1.5-1build1) focal; urgency=medium * No-change rebuild for libevent soname changes. -- Matthias Klose <email address hidden> Sat, 19 Oct 2019 19:58:46 +0000
Available diffs
tor (0.4.1.6-1) unstable; urgency=medium * New upstream version. * logrotate snippet: call invoke-rc.d instead of service for service status and reload since this seems to be more in line with Debian policy. -- Peter Palfrader <email address hidden> Sun, 22 Sep 2019 22:27:48 +0200
Available diffs
Superseded in focal-release |
Obsolete in eoan-release |
Deleted in eoan-proposed (Reason: moved to release) |
tor (0.4.1.5-1) unstable; urgency=medium * New upstream version; upload 0.4.1.x to unstable. * Fix three typos in README.Debian. * Avoid setting DEB_HOST_ARCH_OS in debian/rules as that should be pre-initialized nowadays. * tor-geoipdb: change from priority extra to optional as the former is obsolete. * Set Standards-Version to 4.4.0. * The fix for #930113, runit support, added an /etc/tor/conf to set the ulimit -n when run under runit. That directory is a bad place. It confuses users, nowhere is it apparent that only runit cares about that directory and that e.g. sysV or systemd don't. Get rid of that directory and the MAX_FILEDESCRIPTORS file in it and set a reasonable default in the runit script if MAX_FILEDESCRIPTORS is not already set. -- Peter Palfrader <email address hidden> Wed, 21 Aug 2019 09:59:54 +0200
Available diffs
- diff from 0.4.0.5-2 to 0.4.1.5-1 (981.0 KiB)
tor (0.4.0.5-2) unstable; urgency=medium * Upload 0.4.0.x tree to unstable. -- Peter Palfrader <email address hidden> Sat, 13 Jul 2019 16:00:05 +0200
Available diffs
- diff from 0.3.5.8-1 to 0.4.0.5-2 (764.6 KiB)
Superseded in eoan-release |
Obsolete in disco-release |
Deleted in disco-proposed (Reason: moved to release) |
tor (0.3.5.8-1) unstable; urgency=medium * Replace all references to /var/run with /run (closes: #918898). * New upstream version. - Includes a fix for a medium-severity security bug: Make KIST consider the outbuf length when computing what it can put in the outbuf. Previously, KIST acted as though the outbuf were empty, which could lead to the outbuf becoming too full. It is possible that an attacker could exploit this bug to cause a Tor client or relay to run out of memory and crash. Fixes bug 29168; bugfix on 0.3.2.1-alpha. This issue is also being tracked as TROVE-2019-001 and CVE-2019-8955. -- Peter Palfrader <email address hidden> Thu, 21 Feb 2019 21:28:32 +0100
Available diffs
- diff from 0.3.5.7-1 to 0.3.5.8-1 (352.5 KiB)
tor (0.3.5.7-1) unstable; urgency=medium * New upstream version, upload 0.3.5.x tree to unstable. -- Peter Palfrader <email address hidden> Tue, 08 Jan 2019 09:22:13 +0100
Available diffs
- diff from 0.3.4.9-7 to 0.3.5.7-1 (4.6 MiB)
tor (0.3.4.9-7) unstable; urgency=medium * setup-onion-service: mark as flaky -- Peter Palfrader <email address hidden> Fri, 07 Dec 2018 18:21:40 +0100
Available diffs
- diff from 0.3.4.9-5 to 0.3.4.9-7 (1.1 KiB)
tor (0.2.4.27-1ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: DoS (client crash) via a crafted hidden service descriptor. - debian/patches/CVE-2016-1254.patch: Fix parsing bug with unrecognized token at EOS. - CVE-2016-1254 * SECURITY UPDATE: DoS (crash) via crafted data. - debian/patches/CVE-2016-8860.patch: Protect against NUL-terminated inputs. - CVE-2016-8860 * SECURITY UPDATE: DoS (assertion failure and daemon exit) via a BEGIN_DIR rendezvous circuit. - debian/patches/CVE-2017-0376.patch: Fix assertion failure. - CVE-2017-0376 * SECURITY UPDATE: Replay-cache protection mechanism is ineffective for v2 onion services. - debian/patches/CVE-2017-8819.patch: Fix length of replaycache-checked data. - CVE-2017-8819 * SECURITY UPDATE: DoS (application hang) via a crafted PEM input. - debian/patches/CVE-2017-8821.patch: Avoid asking for passphrase on junky PEM input. - CVE-2017-8821 * SECURITY UPDATE: Relays, that have incompletely downloaded descriptors, can pick themselves in a circuit path, leading to a degradation of anonymity - debian/patches/CVE-2017-8822.patch: Use local descriptor object to exclude self in path selection. - CVE-2017-8822 -- Eduardo Barretto <email address hidden> Fri, 23 Nov 2018 14:25:06 -0200
Available diffs
tor (0.2.9.14-1ubuntu1~16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: Remote crash attack against directory authorities. - debian/patches/CVE-2018-0490.patch: Correctly handle NULL returns from parse_protocol_list when voting. - CVE-2018-0490 -- Eduardo Barretto <email address hidden> Thu, 22 Nov 2018 13:37:42 -0200
tor (0.3.4.9-5) unstable; urgency=medium * New autopkgtest: setup-onion-service. -- Peter Palfrader <email address hidden> Tue, 06 Nov 2018 16:08:35 +0100
Available diffs
- diff from 0.3.3.9-1 to 0.3.4.9-5 (1.1 MiB)
Superseded in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
tor (0.3.3.9-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Fri, 13 Jul 2018 22:24:19 +0200
Available diffs
- diff from 0.3.3.8-1 to 0.3.3.9-1 (38.8 KiB)
tor (0.3.3.8-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Tue, 10 Jul 2018 10:50:11 +0200
Available diffs
- diff from 0.3.3.7-1 to 0.3.3.8-1 (143.0 KiB)
tor (0.3.3.7-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Wed, 13 Jun 2018 09:31:15 +0200
Available diffs
- diff from 0.3.3.6-1 to 0.3.3.7-1 (137.2 KiB)
tor (0.3.3.6-1) unstable; urgency=medium * New upstream version, upload 0.3.3.x tree to unstable. * Start using upstream's minimal torrc as our default /etc/tor/torrc. * Put longer torrc.sample into /usr/share/doc. -- Peter Palfrader <email address hidden> Wed, 23 May 2018 00:08:43 +0200
Available diffs
- diff from 0.3.2.10-1 to 0.3.3.6-1 (882.2 KiB)
Superseded in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
tor (0.3.2.10-1) unstable; urgency=medium * New upstream version. - Includes an important security fix for a remote crash attack against directory authorities. [TROVE-2018-001 and CVE-2018-0490] - Additionally, backports a fix for Tor#24700, which was originally fixed in 0.3.3.2-alpha but had its severity upgraded now as it can be remotely triggered and can crash relays. [TROVE-2018-002 and CVE-2018-0491] -- Peter Palfrader <email address hidden> Sat, 03 Mar 2018 14:37:34 +0100
Available diffs
tor (0.3.0.13-0ubuntu1~17.10.2) artful-security; urgency=medium * No change rebuild for the security pocket. -- Seth Arnold <email address hidden> Wed, 28 Feb 2018 14:53:07 -0800
Available diffs
tor (0.2.9.14-1ubuntu1~16.04.2) xenial-security; urgency=medium * No-change rebuild for the security pocket. -- Seth Arnold <email address hidden> Wed, 28 Feb 2018 14:47:47 -0800
Available diffs
tor (0.3.0.13-0ubuntu1~17.10.1) artful; urgency=medium [ Peter Palfrader ] * Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor, causing all errors while switching to the new apparmor profile to be ignored. This is not ideal, but for now it's probably the best solution. Thanks to intrigeri; closes: #880490. [ Simon Deziel ] * New upstream version: 0.3.0.13 (LP: #1731698) - Fix a denial of service bug where an attacker could use a malformed directory object to cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal. (Tor instances run without a terminal, which is the case for most Tor packages, are not impacted.) Fixes bug 24246; bugfix on every version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. - Fix a denial of service issue where an attacker could crash a directory authority using a malformed router descriptor. Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 and CVE-2017-8820. - When checking for replays in the INTRODUCE1 cell data for a (legacy) onion service, correctly detect replays in the RSA- encrypted part of the cell. We were previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor's legacy hybrid encryption. This fix helps prevent a traffic confirmation attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 and CVE-2017-8819. - Fix a use-after-free error that could crash v2 Tor onion services when they failed to open circuits while expiring introduction points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is also tracked as TROVE-2017-013 and CVE-2017-8823. - When running as a relay, make sure that we never build a path through ourselves, even in the case where we have somehow lost the version of our descriptor appearing in the consensus. Fixes part of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. - When running as a relay, make sure that we never choose ourselves as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. * New upstream version: 0.3.0.12 - Directory authority changes * New upstream version: 0.3.0.11 - Fix TROVE-2017-008: Stack disclosure in hidden services logs when SafeLogging disabled (CVE-2017-0380) * debian/rules: stop overriding micro-revision.i
Available diffs
tor (0.2.9.14-1ubuntu1~16.04.1) xenial; urgency=medium [ Peter Palfrader ] * apparmor: use Pix instead of PUx for obfs4proxy, giving us better confinement of the child process while actually working with systemd's NoNewPrivileges. (closes: #867342) * Do not rely on aa-exec and aa-enabled being in /usr/sbin in the SysV init script. This change enables apparmor confinement on some system-V systems again. (closes: #869153) * Update apparmor profile: replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH to match the systemd capability bounding set changed with 0.3.0.4-rc-1. This change will allow tor to start again under apparmor if hidden services are configured. Patch by intrigeri. (closes: #862993) * Replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH in systemd's service capability bounding set. Read access is sufficient for Tor (as root on startup) to check its onion service directories (see #847598). * Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor, causing all errors while switching to the new apparmor profile to be ignored. This is not ideal, but for now it's probably the best solution. Thanks to intrigeri; closes: #880490. [ Simon Deziel ] * Backport 0.2.9.14 to 16.04 (LP: #1731698) * debian/rules: stop overriding micro-revision.i * debian/control: drop build-conflicts * debian/control: Limit the seccomp build-dependency to [amd64 i386 x32 armel armhf] * Resync with Debian Stretch
Available diffs
tor (0.3.2.9-1build1) bionic; urgency=high * No change rebuild against openssl1.1. -- Dimitri John Ledkov <email address hidden> Mon, 05 Feb 2018 23:29:18 +0000
Available diffs
tor (0.3.2.9-1) unstable; urgency=medium * New upstream version, upload 0.3.2.x tree to unstable. -- Peter Palfrader <email address hidden> Tue, 16 Jan 2018 10:49:46 +0100
Available diffs
- diff from 0.3.1.9-1 to 0.3.2.9-1 (1.1 MiB)
tor (0.3.1.9-1) unstable; urgency=high * New upstream version, including among others: - Fix a denial of service bug where an attacker could use a malformed directory object to cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal. (Tor instances run without a terminal, which is the case for most Tor packages, are not impacted.) Fixes bug 24246; bugfix on every version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. - Fix a denial of service issue where an attacker could crash a directory authority using a malformed router descriptor. Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 and CVE-2017-8820. - When checking for replays in the INTRODUCE1 cell data for a (legacy) onion service, correctly detect replays in the RSA- encrypted part of the cell. We were previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor's legacy hybrid encryption. This fix helps prevent a traffic confirmation attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 and CVE-2017-8819. - Fix a use-after-free error that could crash v2 Tor onion services when they failed to open circuits while expiring introduction points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is also tracked as TROVE-2017-013 and CVE-2017-8823. - When running as a relay, make sure that we never build a path through ourselves, even in the case where we have somehow lost the version of our descriptor appearing in the consensus. Fixes part of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. - When running as a relay, make sure that we never choose ourselves as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. * Build-depend on libcap-dev on linux-any so we can build tor with capabilities support to retain the capability to bind to low ports; closes: #882281, #700179. -- Peter Palfrader <email address hidden> Fri, 01 Dec 2017 23:32:58 +0100
Available diffs
- diff from 0.3.1.8-2 to 0.3.1.9-1 (142.5 KiB)
tor (0.3.1.8-2) unstable; urgency=medium * Recent linux packages in Debian have enabled the apparmor Linux-Security-Module by default. Therefore, users are likely to have apparmor support not only built into their kernel but also actively enabled at runtime. Unfortunately, without the apparmor package being installed, systemd's AppArmorProfile= service setting will cause the unit to fail to start. . Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor, causing all errors while switching to the new apparmor profile to be ignored. This is not ideal, but for now it's probably the best solution. . Thanks to intrigeri; closes: #880490. -- Peter Palfrader <email address hidden> Thu, 02 Nov 2017 21:31:27 +0100
Available diffs
- diff from 0.3.0.10-1 to 0.3.1.8-2 (855.3 KiB)
- diff from 0.3.1.8-1 to 0.3.1.8-2 (976 bytes)
tor (0.3.1.8-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader <email address hidden> Sun, 29 Oct 2017 19:58:03 +0100
tor (0.2.9.11-1ubuntu1~16.04.1) xenial; urgency=medium * Backport from Debian Stretch to Xenial. Ubuntu Delta: (LP: #1710753) - Limit the seccomp build-dependency to [amd64 i386 armhf]. - Drop build-conflicts. - Update debian/micro-revision.i to match 0.2.9.11 commit ID. - Use DAC_READ_SEARCH instead of DAC_OVERRIDE for Apparmor and systemd units. Cherry picked from 0.3.0.10-1 and 0.3.0.4-rc-1. - Limit the seccomp build-dependency to [amd64 i386 x32 armel armhf]. -- Simon Deziel <email address hidden> Tue, 15 Aug 2017 02:57:56 +0000
Available diffs
tor (0.2.9.11-1ubuntu1) zesty; urgency=medium * Backport from Debian Stretch to Zesty. Ubuntu Delta: (LP: #1710753) - Limit the seccomp build-dependency to [amd64 i386 armhf]. - Drop build-conflicts. - Update debian/micro-revision.i to match 0.2.9.11 commit ID. - Use DAC_READ_SEARCH instead of DAC_OVERRIDE for Apparmor and systemd units. Cherry picked from 0.3.0.10-1 and 0.3.0.4-rc-1. -- Simon Deziel <email address hidden> Tue, 15 Aug 2017 02:57:56 +0000
Available diffs
- diff from 0.2.9.10-1ubuntu1 to 0.2.9.11-1ubuntu1 (277.5 KiB)
Superseded in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
tor (0.3.0.10-1) unstable; urgency=medium * New upstream version. * Update apparmor profile: replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH to match the systemd capability bounding set changed with 0.3.0.4-rc-1. This change will allow tor to start again under apparmor if hidden services are configured. Patch by intrigeri. (closes: #862993) * Remove tor-dbg binary package. Nowadays Debian's toolchain automatically builds packages containing debugging symbols. The new tor-dbgsym package will end up in the debian-debug archive. This tor-dbgsym package will Replace/Break tor-dbg versions prior to 0.3.1.5-alpha for now (to match the version in experimental with the same change), but as we keep providing backported builds for older suites, and since those keep the tor-dbg package for now, we'll likely keep increasing this version in future releases. (closes: #867547) * The dbgsym migration options require debhelper >= 9.20160114; update build dependency list accordingly. -- Peter Palfrader <email address hidden> Sun, 13 Aug 2017 17:24:23 +0200
Available diffs
tor (0.3.0.9-1build1) artful; urgency=medium * No-change rebuild against libevent-2.1-6 -- Steve Langasek <email address hidden> Mon, 31 Jul 2017 02:54:09 +0000
Available diffs
tor (0.3.0.9-1) unstable; urgency=medium * New upstream version, upload 0.3.0.x tree to unstable. - Fixes TROVE-2017-006: Regression in guard family avoidance (closes: #866799; CVE-2017-0377). * Remove debian/README.{polipo,privoxy} as using them is not recommended. (Torbrowser is the better option for users browsing the web.) -- Peter Palfrader <email address hidden> Sun, 02 Jul 2017 00:53:02 +0200
Available diffs
- diff from 0.2.9.11-1 to 0.3.0.9-1 (618.1 KiB)
tor (0.2.9.11-1) unstable; urgency=high * New upstream version. - Fix a remotely triggerable assertion failure caused by receiving a BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix on 0.2.2.1-alpha. (closes: #864424) -- Peter Palfrader <email address hidden> Thu, 08 Jun 2017 18:48:46 +0200
Available diffs
Superseded in artful-release |
Obsolete in zesty-release |
Deleted in zesty-proposed (Reason: moved to release) |
tor (0.2.9.10-1ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Wed, 08 Mar 2017 08:25:29 +0100
Available diffs
- diff from 0.2.9.9-1ubuntu1 to 0.2.9.10-1ubuntu1 (203.6 KiB)
tor (0.2.9.9-1ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Wed, 01 Feb 2017 15:00:23 +0100
Available diffs
tor (0.2.9.8-2ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Wed, 21 Dec 2016 10:56:27 +0100
Available diffs
- diff from 0.2.8.11-2ubuntu1 to 0.2.9.8-2ubuntu1 (786.9 KiB)
tor (0.2.8.11-2ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Sat, 10 Dec 2016 09:07:07 +0100
Available diffs
- diff from 0.2.8.11-1ubuntu1 to 0.2.8.11-2ubuntu1 (771 bytes)
tor (0.2.8.11-1ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Fri, 09 Dec 2016 23:41:39 +0100
Available diffs
tor (0.2.8.10-1ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Mon, 05 Dec 2016 22:28:13 +0100
Available diffs
- diff from 0.2.8.9-1ubuntu1 to 0.2.8.10-1ubuntu1 (109.3 KiB)
tor (0.2.8.9-1ubuntu1) zesty; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Wed, 19 Oct 2016 11:39:41 +0200
Available diffs
- diff from 0.2.8.8-1ubuntu1 to 0.2.8.9-1ubuntu1 (700.9 KiB)
Superseded in zesty-release |
Obsolete in yakkety-release |
Deleted in yakkety-proposed (Reason: moved to release) |
tor (0.2.8.8-1ubuntu1) yakkety; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Mon, 26 Sep 2016 09:02:25 +0200
Available diffs
- diff from 0.2.8.7-1ubuntu1 to 0.2.8.8-1ubuntu1 (430.2 KiB)
tor (0.2.8.7-1ubuntu1) yakkety; urgency=medium * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Thu, 25 Aug 2016 13:21:06 +0200
Available diffs
- diff from 0.2.8.6-3ubuntu1 to 0.2.8.7-1ubuntu1 (240.8 KiB)
tor (0.2.8.6-3ubuntu1) yakkety; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Tue, 23 Aug 2016 16:37:59 +0200
Available diffs
tor (0.2.8.6-2ubuntu1) yakkety; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Sat, 13 Aug 2016 12:59:47 +0200
Available diffs
tor (0.2.8.6-1ubuntu1) yakkety; urgency=low * Merge from Debian unstable. Remaining changes: - Limit the seccomp build-dependency to [amd64 i386 armhf]. -- Gianfranco Costamagna <email address hidden> Thu, 04 Aug 2016 16:19:09 +0200
Available diffs
- diff from 0.2.8.6-1 (in Debian) to 0.2.8.6-1ubuntu1 (1021 bytes)
1 → 75 of 144 results | First • Previous • Next • Last |