pkgsrc-WIP-changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Update wip/tor-dev to version

Module Name:	pkgsrc-wip
Committed By:	Alexander Nasonov <>
Pushed By:	alnsn
Date:		Fri Dec 1 23:17:23 2017 +0000
Changeset:	7e53ac2a3b738a16cb87912fad0af4b2415d5ca0

Modified Files:

Log Message:
Update wip/tor-dev to version

Changes in version - 2017-12-01
  This version of Tor is the latest in the 0.3.2 alpha series. It
  includes fixes for several important security issues. All Tor users
  should upgrade to this release, or to one of the other releases coming
  out today.

  o Major bugfixes (security):
    - Fix a denial of service bug where an attacker could use a
      malformed directory object to cause a Tor instance to pause while
      OpenSSL would try to read a passphrase from the terminal. (Tor
      instances run without a terminal, which is the case for most Tor
      packages, are not impacted.) Fixes bug 24246; bugfix on every
      version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
      Found by OSS-Fuzz as testcase 6360145429790720.
    - Fix a denial of service issue where an attacker could crash a
      directory authority using a malformed router descriptor. Fixes bug
      24245; bugfix on Also tracked as TROVE-2017-010
      and CVE-2017-8820.
    - When checking for replays in the INTRODUCE1 cell data for a
      (legacy) onion service, correctly detect replays in the RSA-
      encrypted part of the cell. We were previously checking for
      replays on the entire cell, but those can be circumvented due to
      the malleability of Tor's legacy hybrid encryption. This fix helps
      prevent a traffic confirmation attack. Fixes bug 24244; bugfix on This issue is also tracked as TROVE-2017-009
      and CVE-2017-8819.

  o Major bugfixes (security, onion service v2):
    - Fix a use-after-free error that could crash v2 Tor onion services
      when they failed to open circuits while expiring introduction
      points. Fixes bug 24313; bugfix on This issue is
      also tracked as TROVE-2017-013 and CVE-2017-8823.

  o Major bugfixes (security, relay):
    - When running as a relay, make sure that we never build a path
      through ourselves, even in the case where we have somehow lost the
      version of our descriptor appearing in the consensus. Fixes part
      of bug 21534; bugfix on This issue is also tracked
      as TROVE-2017-012 and CVE-2017-8822.
    - When running as a relay, make sure that we never choose ourselves
      as a guard. Fixes part of bug 21534; bugfix on This
      issue is also tracked as TROVE-2017-012 and CVE-2017-8822.

  o Minor feature (relay statistics):
    - Change relay bandwidth reporting stats interval from 4 hours to 24
      hours in order to reduce the efficiency of guard discovery
      attacks. Fixes ticket 23856.

  o Minor features (directory authority):
    - Add an IPv6 address for the "bastet" directory authority. Closes
      ticket 24394.

  o Minor bugfixes (client):
    - By default, do not enable storage of client-side DNS values. These
      values were unused by default previously, but they should not have
      been cached at all. Fixes bug 24050; bugfix on

To see a diff of this commit:;a=commitdiff;h=7e53ac2a3b738a16cb87912fad0af4b2415d5ca0

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

 tor-dev/Makefile | 2 +-
 tor-dev/distinfo | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/tor-dev/Makefile b/tor-dev/Makefile
index 5b7b06e331..358aeb83a0 100644
--- a/tor-dev/Makefile
+++ b/tor-dev/Makefile
@@ -1,6 +1,6 @@
 # $NetBSD$
 PKGNAME=	${DISTNAME:S/tor/tordev/:S/-alpha//}
 CATEGORIES=	net security
diff --git a/tor-dev/distinfo b/tor-dev/distinfo
index dee4a5c2fe..859a8e2670 100644
--- a/tor-dev/distinfo
+++ b/tor-dev/distinfo
@@ -1,8 +1,8 @@
-SHA1 (tor- = 3db184555f059095acd6c69c991ba17f4efbbe72
-RMD160 (tor- = f92d318fa5de8e9b4caef89f17935079d6044f68
-SHA512 (tor- = 33528ad98cc655ac0b795509b1ea88e1b94a227275dd028631205a9dda703bbceb607dac634b4a90c8add6614f3fc3112249d957512297b2cc5ee4611da5aa51
-Size (tor- = 6310699 bytes
+SHA1 (tor- = abd4db9f33ac19adbce39f94cc6d8ac8bc9ce9f0
+RMD160 (tor- = 368a84fe6319c450d9a29ca05d70fbc8f1dd7513
+SHA512 (tor- = 24ecd93c92d73ea31967f127f9ab745bc982737da13d748afa01bf1477ed6e8191e3474d01f49efd629665807d875008558e069e02eefb15ff699dd89b877857
+Size (tor- = 6310498 bytes
 SHA1 ( = f3e51f568aa7c4338d352689d1ab2f0bb10aa016
 SHA1 (patch-src_or_config.c) = 6cc372ca1809ff8cb7f5cc181f8e7a735d1148cb

Home | Main Index | Thread Index | Old Index