pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
pkg/42911: Maintainer update: net/tor to 0.2.1.24 (security fix)
>Number: 42911
>Category: pkg
>Synopsis: Maintainer update: net/tor to 0.2.1.24 (security fix)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Tue Mar 02 10:10:00 +0000 2010
>Originator: Christian Sturm
>Release:
>Organization:
>Environment:
>Description:
The provided patch updated tor to 0.2.1.24 (from current 0.2.1.22). Since it
fixes a potential buffer overflow, problems with MacOS X aswell as other stuff
it should be pulled up into pkgsrc-stable after it got commited.
Changes in version 0.2.1.24 - 2010-02-21
Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time
for sure!
o Minor bugfixes:
- Work correctly out-of-the-box with even more vendor-patched versions
of OpenSSL. In particular, make it so Debian and OS X don't need
customized patches to run/build.
Changes in version 0.2.1.23 - 2010-02-13
Tor 0.2.1.23 fixes a huge client-side performance bug, makes Tor work
again on the latest OS X, and updates the location of a directory
authority.
o Major bugfixes (performance):
- We were selecting our guards uniformly at random, and then weighting
which of our guards we'd use uniformly at random. This imbalance
meant that Tor clients were severely limited on throughput (and
probably latency too) by the first hop in their circuit. Now we
select guards weighted by currently advertised bandwidth. We also
automatically discard guards picked using the old algorithm. Fixes
bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.
o Major bugfixes:
- Make Tor work again on the latest OS X: when deciding whether to
use strange flags to turn TLS renegotiation on, detect the OpenSSL
version at run-time, not compile time. We need to do this because
Apple doesn't update its dev-tools headers when it updates its
libraries in a security patch.
- Fix a potential buffer overflow in lookup_last_hid_serv_request()
that could happen on 32-bit platforms with 64-bit time_t. Also fix
a memory leak when requesting a hidden service descriptor we've
requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found
by aakova.
o Minor bugfixes:
- Refactor resolve_my_address() to not use gethostbyname() anymore.
Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik.
o Minor features:
- Avoid a mad rush at the beginning of each month when each client
rotates half of its guards. Instead we spread the rotation out
throughout the month, but we still avoid leaving a precise timestamp
in the state file about when we first picked the guard. Improves
over the behavior introduced in 0.1.2.17.
>How-To-Repeat:
>Fix:
begin 644 tor-0.2.1.24.patch.gz
M'XL("'+=C$L``W1O<BTP+C(N,2XR-"YP871C:`"]D5UKPC`4AJ_MK\CE!K;-
M=Q.9&S('\\)=Z/Y`/LYQQ=%*6V3SUZ^"8MGFU6"!DP0.><[[D`?2U4U*,YZQ
MC,MLY[KPEBRJ"!\3LG1;P/(=DNG?5[)Z7),C;$+RL&^;NN[RW7;3-B&OH,O[
M$/EYW'B?--`U)>S+:D.:_FC+NB(L*V@22T22-L?[)9X,,KDC\\7Z]66V?)J.
M1@,EGJ1IFMQ?Z<JS:BS;KJRP_B?5\[BKJL)>5(6]Q!-C%?KJ==?/,T9NAJ99
MYYIL<[@E4^)1,R:5Y:J@0!V--!K/101K&81`A<>@M1`]9[6<,TVODH3AAELT
M1<$=T^BM-$9XZXP!A@($(D6FG3XF*@]PE<,E[4F4^,\.VM.?_%"0@P>%5RQ8
MX&A=5+Z@$1Q'#X4HN`E12\X$!D55S_E%84B*.F@EK44?K.0.^QT4-<Z`4H):
;YL!%SY0])OJN,.1P8;71\J3P!>,JLS0Y`P``
`
end
Home |
Main Index |
Thread Index |
Old Index