[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
pkg/42541: [UPDATE by Maintainer] net/tor 0.2.1.20 -> 0.2.1.21
>Synopsis: [UPDATE by Maintainer] net/tor 0.2.1.20 -> 0.2.1.21
>Arrival-Date: Tue Dec 29 17:05:00 +0000 2009
>Originator: Christian Sturm
The attached patch updates net/tor to 0.2.1.21
Since it contains only bufixes (which lead to 'compatibility' with recent
OpenSSL and fix a crash - see changes) it may be wise to think about pulling
the new version over to current stable.
Changes in version 0.2.1.21 - 2009-12-21
o Major bugfixes:
- Work around a security feature in OpenSSL 0.9.8l that prevents our
handshake from working unless we explicitly tell OpenSSL that we
are using SSL renegotiation safely. We are, of course, but OpenSSL
0.9.8l won't work unless we say we are.
- Avoid crashing if the client is trying to upload many bytes and the
circuit gets torn down at the same time, or if the flip side
happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150.
o Minor bugfixes:
- Do not refuse to learn about authority certs and v2 networkstatus
documents that are older than the latest consensus. This bug might
have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
Spotted and fixed by xmux.
- Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
trigger platform-specific option misparsing case found by Coverity
- Fix a compilation warning on Fedora 12 by removing an impossible-to-
trigger assert. Fixes bug 1173.
begin 644 tor.patch.gz
Main Index |
Thread Index |