Navigation:
Browse pkgsrc
(this page) 2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) |  |
Log message: PKGREVISION bumps for the security/openssl 1.0.1d update. |
| 2013-01-30 23:09:22 by Taylor R Campbell | Files touched by this commit (1) |
Log message: Update Tor's install message to reflect current recommendations. The Tor Project ceased to recommend privoxy years ago; the only way they recommend browsing the web is through the Tor Browser Bundle, which Someone^TM ought to find some way to package up. |
| 2012-11-26 20:00:20 by Matthias Drochner | Files touched by this commit (3) | |
Log message:
update to 0.2.3.25
from the announcement:
Tor 0.2.3.25, the first stable release in the 0.2.3 branch, features
significantly reduced directory overhead (via microdescriptors),
enormous crypto performance improvements for fast relays on new
enough hardware, a new v3 TLS handshake protocol that can better
resist fingerprinting, support for protocol obfuscation plugins (aka
pluggable transports), better scalability for hidden services, IPv6
support for bridges, performance improvements like allowing clients
to skip the first round-trip on the circuit ("optimistic data") and
refilling token buckets more often, a new "stream isolation" design
to isolate different applications on different circuits, and many
stability, security, and privacy fixes.
|
| 2012-10-23 19:19:22 by Aleksej Saushev | Files touched by this commit (671) |
Log message: Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. |
| 2012-09-13 19:09:01 by Matthias Drochner | Files touched by this commit (2) | |
Log message: update to 0.2.2.39 fixes two ways to crash the program remotely (DOS vulnerability, CVE-2012-4419) |
| 2012-08-13 19:13:45 by Matthias Drochner | Files touched by this commit (2) | |
Log message: update to 0.2.2.38 Tor 0.2.2.38 fixes a rare race condition that can crash exit relays; fixes a remotely triggerable crash bug; and fixes a timing attack that could in theory leak path information. |
| 2012-06-17 14:09:41 by Hauke Fath | Files touched by this commit (2) | |
Log message:
Minor bugfix update. From the changelog:
Changes in version 0.2.2.37 - 2012-06-06
Tor 0.2.2.37 introduces a workaround for a critical renegotiation
bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
currently).
o Major bugfixes:
- Work around a bug in OpenSSL that broke renegotiation with TLS
1.1 and TLS 1.2. Without this workaround, all attempts to speak
the v2 Tor connection protocol when both sides were using OpenSSL
1.0.1 would fail. Resolves ticket 6033.
- When waiting for a client to renegotiate, don't allow it to add
any bytes to the input buffer. This fixes a potential DoS issue.
Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
- Fix an edge case where if we fetch or publish a hidden service
descriptor, we might build a 4-hop circuit and then use that circuit
for exiting afterwards -- even if the new last hop doesn't obey our
ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
o Minor bugfixes:
- Fix a build warning with Clang 3.1 related to our use of vasprintf.
Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
o Minor features:
- Tell GCC and Clang to check for any errors in format strings passed
to the tor_v*(print|scan)f functions.
Patch submitted by Christian Sturm, fixes PR pkg/46609.
|
| 2012-06-14 16:50:45 by Hauke Fath | Files touched by this commit (2) | |
Log message: Properly substitute absolute path /etc/tor in torify(1). While here, update the package. Patch from Blair Sadewitz, submitted in PR pkg/46598. |
| 2011-12-17 13:39:43 by Matthias Drochner | Files touched by this commit (2) | |
Log message: update to 0.2.2.35 changes: -fixes a critical heap-overflow security issue (CVE-2011-2778) -more fixes, mostly affecting hidden services and relays |
| 2011-10-30 18:49:18 by Matthias Drochner | Files touched by this commit (2) | |
Log message: update to 0.2.2.34 fixes a critical anonymity vulnerability where an attacker can deanonymize Tor users (CVE-2011-2768) |
New packages: