pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/41688 CVS commit: [pkgsrc-2009Q2] pkgsrc/net/tor

The following reply was made to PR pkg/41688; it has been noted by GNATS.

From: Matthias Scheler <>
Subject: PR/41688 CVS commit: [pkgsrc-2009Q2] pkgsrc/net/tor
Date: Thu, 16 Jul 2009 09:23:44 +0000

 Module Name:   pkgsrc
 Committed By:  tron
 Date:          Thu Jul 16 09:23:44 UTC 2009
 Modified Files:
        pkgsrc/net/tor [pkgsrc-2009Q2]: Makefile distinfo
 Log Message:
 Pullup ticket #2813 - requested by obache
 tor: security update
 Revisions pulled up:
 - net/tor/Makefile             1.64
 - net/tor/distinfo             1.35
 Module Name:   pkgsrc
 Committed By:  obache
 Date:          Thu Jul  9 11:52:31 UTC 2009
 Modified Files:
        pkgsrc/net/tor: Makefile distinfo
 Log Message:
 Update tor to
 maintainer update request via PR 41688.
 Changes in version - 2009-06-24
   o Security fix:
     - Avoid crashing in the presence of certain malformed descriptors.
       Found by lark, and by automated fuzzing.
     - Fix an edge case where a malicious exit relay could convince a
       controller that the client's DNS question resolves to an internal IP
       address. Bug found and fixed by "optimist"; bugfix on
   o Major bugfixes:
     - Finally fix the bug where dynamic-IP relays disappear when their
       IP address changes: directory mirrors were mistakenly telling
       them their old address if they asked via begin_dir, so they
       never got an accurate answer about their new address, so they
       just vanished after a day. For belt-and-suspenders, relays that
       don't set Address in their config now avoid using begin_dir for
       all direct connections. Should fix bugs 827, 883, and 900.
     - Fix a timing-dependent, allocator-dependent, DNS-related crash bug
       that would occur on some exit nodes when DNS failures and timeouts
       occurred in certain patterns. Fix for bug 957.
   o Minor bugfixes:
     - When starting with a cache over a few days old, do not leak
       memory for the obsolete router descriptors in it. Bugfix on; fixes bug 672.
     - Hidden service clients didn't use a cached service descriptor that
       was older than 15 minutes, but wouldn't fetch a new one either,
       because there was already one in the cache. Now, fetch a v2
       descriptor unless the same descriptor was added to the cache within
       the last 15 minutes. Fixes bug 997; reported by Marcus Griep.
 To generate a diff of this commit:
 cvs rdiff -u -r1.63 -r1.63.4.1 pkgsrc/net/tor/Makefile
 cvs rdiff -u -r1.34 -r1.34.4.1 pkgsrc/net/tor/distinfo
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index