pkgsrc-WIP-cvs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: wip/tor-dev
Module name: wip
Committed by: athaba
Date: Tue Apr 7 18:28:19 UTC 2015
Modified Files:
wip/tor-dev: Makefile distinfo
Log Message:
Update tor-dev to 2.6.7
Changes in version 0.2.6.7 - 2015-04-06
Tor 0.2.6.7 fixes two security issues that could be used by an
attacker to crash hidden services, or crash clients visiting hidden
services. Hidden services should upgrade as soon as possible; clients
should upgrade whenever packages become available.
This release also contains two simple improvements to make hidden
services a bit less vulnerable to denial-of-service attacks.
o Major bugfixes (security, hidden service):
- Fix an issue that would allow a malicious client to trigger an
assertion failure and halt a hidden service. Fixes bug 15600;
bugfix on 0.2.1.6-alpha. Reported by "disgleirio".
- Fix a bug that could cause a client to crash with an assertion
failure when parsing a malformed hidden service descriptor. Fixes
bug 15601; bugfix on 0.2.1.5-alpha. Found by "DonnchaC".
o Minor features (DoS-resistance, hidden service):
- Introduction points no longer allow multiple INTRODUCE1 cells to
arrive on the same circuit. This should make it more expensive for
attackers to overwhelm hidden services with introductions.
Resolves ticket 15515.
- Decrease the amount of reattempts that a hidden service performs
when its rendezvous circuits fail. This reduces the computational
cost for running a hidden service under heavy load. Resolves
ticket 11447.
To generate a diff of this commit:
cvs -z3 rdiff -u -r1.38 -r1.39 wip/tor-dev/distinfo
cvs -z3 rdiff -u -r1.51 -r1.52 wip/tor-dev/Makefile
To view a diff of this commit:
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/tor-dev/distinfo?r1=1.38&r2=1.39
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/tor-dev/Makefile?r1=1.51&r2=1.52
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
pkgsrc-wip-cvs mailing list
pkgsrc-wip-cvs%lists.sourceforge.net@localhost
https://lists.sourceforge.net/lists/listinfo/pkgsrc-wip-cvs
Home |
Main Index |
Thread Index |
Old Index