Path to this page:
./
net/tor,
Anonymizing overlay network for TCP
Branch: pkgsrc-2009Q2,
Version: 0.2.0.35,
Package name: tor-0.2.0.35,
Maintainer: athabaThe simple version: Tor provides a distributed network of servers ("onion
routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around
the routers. This makes it hard for recipients, observers, and even the onion
routers themselves to track the source of the stream.
The complex version: Onion Routing is a connection-oriented anonymizing
communication service. Users choose a source-routed path through a set of
nodes, and negotiate a "virtual circuit" through the network, in which each
node knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each node, which reveals the
downstream node.
Required to run:[
devel/libevent]
Package options: threads
Master sites:
SHA1: 6216887e0575c4a18f46e53faea1ebdb04bf7905
RMD160: ecc98c602b5c153a8aa8f6e651166705bc05c972
Filesize: 2169.777 KB
Version history: (Expand)
- (2009-07-16) Updated to version: tor-0.2.0.35
- (2009-07-09) Package has been reborn
- (2009-07-08) Package added to pkgsrc.se, version tor-0.2.0.34nb1 (created)
CVS history: (Expand)
2009-07-16 11:23:44 by Matthias Scheler | Files touched by this commit (2) | |
Log message:
Pullup ticket #2813 - requested by obache
tor: security update
Revisions pulled up:
- net/tor/Makefile 1.64
- net/tor/distinfo 1.35
---
Module Name: pkgsrc
Committed By: obache
Date: Thu Jul 9 11:52:31 UTC 2009
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Log message:
Update tor to 0.2.0.35.
maintainer update request via PR 41688.
Changes in version 0.2.0.35 - 2009-06-24
o Security fix:
- Avoid crashing in the presence of certain malformed descriptors.
Found by lark, and by automated fuzzing.
- Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
o Major bugfixes:
- Finally fix the bug where dynamic-IP relays disappear when their
IP address changes: directory mirrors were mistakenly telling
them their old address if they asked via begin_dir, so they
never got an accurate answer about their new address, so they
just vanished after a day. For belt-and-suspenders, relays that
don't set Address in their config now avoid using begin_dir for
all direct connections. Should fix bugs 827, 883, and 900.
- Fix a timing-dependent, allocator-dependent, DNS-related crash bug
that would occur on some exit nodes when DNS failures and timeouts
occurred in certain patterns. Fix for bug 957.
o Minor bugfixes:
- When starting with a cache over a few days old, do not leak
memory for the obsolete router descriptors in it. Bugfix on
0.2.0.33; fixes bug 672.
- Hidden service clients didn't use a cached service descriptor that
was older than 15 minutes, but wouldn't fetch a new one either,
because there was already one in the cache. Now, fetch a v2
descriptor unless the same descriptor was added to the cache within
the last 15 minutes. Fixes bug 997; reported by Marcus Griep.
|