-
tor (0.3.2.10-1) unstable; urgency=medium
* New upstream version.
- Includes an important security fix for a remote crash attack against
directory authorities.
[TROVE-2018-001 and CVE-2018-0490]
- Additionally, backports a fix for Tor#24700, which was originally
fixed in 0.3.3.2-alpha but had its severity upgraded now as it can be
remotely triggered and can crash relays.
[TROVE-2018-002 and CVE-2018-0491]
-- Peter Palfrader <email address hidden> Sat, 03 Mar 2018 14:37:34 +0100
-
tor (0.3.2.9-1build1) bionic; urgency=high
* No change rebuild against openssl1.1.
-- Dimitri John Ledkov <email address hidden> Mon, 05 Feb 2018 23:29:18 +0000
-
tor (0.3.2.9-1) unstable; urgency=medium
* New upstream version, upload 0.3.2.x tree to unstable.
-- Peter Palfrader <email address hidden> Tue, 16 Jan 2018 10:49:46 +0100
-
tor (0.3.1.9-1) unstable; urgency=high
* New upstream version, including among others:
- Fix a denial of service bug where an attacker could use a
malformed directory object to cause a Tor instance to pause while
OpenSSL would try to read a passphrase from the terminal. (Tor
instances run without a terminal, which is the case for most Tor
packages, are not impacted.) Fixes bug 24246; bugfix on every
version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
Found by OSS-Fuzz as testcase 6360145429790720.
- Fix a denial of service issue where an attacker could crash a
directory authority using a malformed router descriptor. Fixes bug
24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
and CVE-2017-8820.
- When checking for replays in the INTRODUCE1 cell data for a
(legacy) onion service, correctly detect replays in the RSA-
encrypted part of the cell. We were previously checking for
replays on the entire cell, but those can be circumvented due to
the malleability of Tor's legacy hybrid encryption. This fix helps
prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
and CVE-2017-8819.
- Fix a use-after-free error that could crash v2 Tor onion services
when they failed to open circuits while expiring introduction
points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
also tracked as TROVE-2017-013 and CVE-2017-8823.
- When running as a relay, make sure that we never build a path
through ourselves, even in the case where we have somehow lost the
version of our descriptor appearing in the consensus. Fixes part
of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
as TROVE-2017-012 and CVE-2017-8822.
- When running as a relay, make sure that we never choose ourselves
as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
* Build-depend on libcap-dev on linux-any so we can build tor with
capabilities support to retain the capability to bind to low ports;
closes: #882281, #700179.
-- Peter Palfrader <email address hidden> Fri, 01 Dec 2017 23:32:58 +0100
-
tor (0.3.1.8-2) unstable; urgency=medium
* Recent linux packages in Debian have enabled the apparmor
Linux-Security-Module by default. Therefore, users are likely to have
apparmor support not only built into their kernel but also actively
enabled at runtime. Unfortunately, without the apparmor package
being installed, systemd's AppArmorProfile= service setting will
cause the unit to fail to start.
.
Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor,
causing all errors while switching to the new apparmor profile to
be ignored. This is not ideal, but for now it's probably the
best solution.
.
Thanks to intrigeri; closes: #880490.
-- Peter Palfrader <email address hidden> Thu, 02 Nov 2017 21:31:27 +0100
-
tor (0.3.1.8-1) unstable; urgency=medium
* New upstream version.
-- Peter Palfrader <email address hidden> Sun, 29 Oct 2017 19:58:03 +0100
-
tor (0.3.0.10-1) unstable; urgency=medium
* New upstream version.
* Update apparmor profile: replace CAP_DAC_OVERRIDE with
CAP_DAC_READ_SEARCH to match the systemd capability bounding set
changed with 0.3.0.4-rc-1. This change will allow tor to start
again under apparmor if hidden services are configured.
Patch by intrigeri. (closes: #862993)
* Remove tor-dbg binary package. Nowadays Debian's toolchain
automatically builds packages containing debugging symbols. The new
tor-dbgsym package will end up in the debian-debug archive.
This tor-dbgsym package will Replace/Break tor-dbg versions
prior to 0.3.1.5-alpha for now (to match the version in experimental
with the same change), but as we keep providing backported builds for
older suites, and since those keep the tor-dbg package for now,
we'll likely keep increasing this version in future releases.
(closes: #867547)
* The dbgsym migration options require debhelper >= 9.20160114; update
build dependency list accordingly.
-- Peter Palfrader <email address hidden> Sun, 13 Aug 2017 17:24:23 +0200
