Path to this page:
Subject: CVS commit: [pkgsrc-2008Q4] pkgsrc/net/tor
From: Matthias Scheler
Date: 2009-02-15 12:45:00
Message id: 20090215114500.77504175D0@cvs.netbsd.org
Log Message:
Pullup ticket #2699 - requested by obache
tor: security update
Revisions pulled up:
- net/tor/Makefile 1.62
- net/tor/distinfo 1.34
- net/tor/patches/patch-ac delete
---
Module Name: pkgsrc
Committed By: obache
Date: Sun Feb 15 07:59:02 UTC 2009
Modified Files:
pkgsrc/net/tor: Makefile distinfo
Removed Files:
pkgsrc/net/tor/patches: patch-ac
Log Message:
Update tor to 0.2.0.34.
Patch provided by Christian Sturm and back to maintainer.
Changes in version 0.2.0.34 - 2009-02-08
o Security fixes:
- Fix an infinite-loop bug on handling corrupt votes under certain
circumstances. Bugfix on 0.2.0.8-alpha.
- Fix a temporary DoS vulnerability that could be performed by
a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
- Avoid a potential crash on exit nodes when processing malformed
input. Remote DoS opportunity. Bugfix on 0.2.0.33.
- Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
Spec conformance issue. Bugfix on Tor 0.0.2pre27.
o Minor bugfixes:
- Fix compilation on systems where time_t is a 64-bit integer.
Patch from Matthias Drochner.
- Don't consider expiring already-closed client connections. Fixes
bug 893. Bugfix on 0.0.2pre20.
Files: