Subject: CVS commit: [pkgsrc-2017Q1] pkgsrc/net/tor
From: Benny Siegert
Date: 2017-06-21 20:24:51
Message id: 20170621182451.E7861FAE8@cvs.NetBSD.org

Log Message:
Pullup ticket #5481 - requested by sevan
net/tor: security fix

Revisions pulled up:
- net/tor/Makefile                                              1.122
- net/tor/distinfo                                              1.82

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Wed Jun 14 16:16:04 UTC 2017

   Modified Files:
           pkgsrc/net/tor: Makefile distinfo

   Log Message:
   Updated tor to 0.3.0.8.

   Changes in version 0.3.0.8 - 2017-06-08
     Tor 0.3.0.8 fixes a pair of bugs that would allow an attacker to
     remotely crash a hidden service with an assertion failure. Anyone
     running a hidden service should upgrade to this version, or to some
     other version with fixes for TROVE-2017-004 and TROVE-2017-005.

     Tor 0.3.0.8 also includes fixes for several key management bugs
     that sometimes made relays unreliable, as well as several other
     bugfixes described below.

     o Major bugfixes (hidden service, relay, security, backport
       from 0.3.1.3-alpha):
       - Fix a remotely triggerable assertion failure when a hidden service
         handles a malformed BEGIN cell. Fixes bug 22493, tracked as
         TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
       - Fix a remotely triggerable assertion failure caused by receiving a
         BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
         22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
         on 0.2.2.1-alpha.

     o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
       - When performing the v3 link handshake on a TLS connection, report
         that we have the x509 certificate that we actually used on that
         connection, even if we have changed certificates since that
         connection was first opened. Previously, we would claim to have
         used our most recent x509 link certificate, which would sometimes
         make the link handshake fail. Fixes one case of bug 22460; bugfix
         on 0.2.3.6-alpha.

     o Major bugfixes (relays, key management, backport from 0.3.1.3-alpha):
       - Regenerate link and authentication certificates whenever the key
         that signs them changes; also, regenerate link certificates
         whenever the signed key changes. Previously, these processes were
         only weakly coupled, and relays could (for minutes to hours)
         wind up with an inconsistent set of keys and certificates, which
         other relays would not accept. Fixes two cases of bug 22460;
         bugfix on 0.3.0.1-alpha.
       - When sending an Ed25519 signing->link certificate in a CERTS cell,
         send the certificate that matches the x509 certificate that we
         used on the TLS connection. Previously, there was a race condition
         if the TLS context rotated after we began the TLS handshake but
         before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
         on 0.3.0.1-alpha.

     o Major bugfixes (hidden service v3, backport from 0.3.1.1-alpha):
       - Stop rejecting v3 hidden service descriptors because their size
         did not match an old padding rule. Fixes bug 22447; bugfix on
         tor-0.3.0.1-alpha.

     o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
       - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
         December 2016 (of which ~126 were still functional) with a list of
         151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
         2017. Resolves ticket 21564.

     o Minor bugfixes (configuration, backport from 0.3.1.1-alpha):
       - Do not crash when starting with LearnCircuitBuildTimeout 0. Fixes
         bug 22252; bugfix on 0.2.9.3-alpha.

     o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
       - Avoid undefined behavior when parsing IPv6 entries from the geoip6
         file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.

     o Minor bugfixes (link handshake, backport from 0.3.1.3-alpha):
       - Lower the lifetime of the RSA->Ed25519 cross-certificate to six
         months, and regenerate it when it is within one month of expiring.
         Previously, we had generated this certificate at startup with a
         ten-year lifetime, but that could lead to weird behavior when Tor
         was started with a grossly inaccurate clock. Mitigates bug 22466;
         mitigation on 0.3.0.1-alpha.

     o Minor bugfixes (memory leak, directory authority, backport from
       0.3.1.2-alpha):
       - When directory authorities reject a router descriptor due to
         keypinning, free the router descriptor rather than leaking the
         memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.

Files:
Revision    Action  File
1.118.2.3   modify  pkgsrc/net/tor/Makefile
1.79.2.3    modify  pkgsrc/net/tor/distinfo
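The first security bugfix in the changelog above (a remotely triggerable assertion failure on a malformed BEGIN cell) is a case of asserting on peer-controlled input. As an added example, not Tor's code, here is a defensive parser for a RELAY_BEGIN cell body that returns an error on every malformed case instead of asserting; the ADDRPORT/FLAGS layout is taken from tor-spec, and treating FLAGS as optional is an assumption.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Added example, not Tor's code: a defensive parser for a RELAY_BEGIN cell
 * body. Layout assumed from tor-spec: ADDRPORT as a NUL-terminated
 * "host:port" string, then an optional 4-byte big-endian FLAGS field (treated
 * as optional here, an assumption). Malformed input yields an error return,
 * never an assertion, so a remote peer cannot crash the process with it. */

#define RELAY_PAYLOAD_LEN 498   /* maximum relay cell body length */
#define MAX_ADDR_LEN 255
typedef struct {
    char address[MAX_ADDR_LEN + 1];
    uint16_t port;
    uint32_t flags;
} begin_cell_t;

/* Returns 0 on success; a negative code names the check that failed. */
int begin_cell_parse(const uint8_t *body, size_t body_len, begin_cell_t *out)
{
    if (!body || !out || body_len == 0 || body_len > RELAY_PAYLOAD_LEN)
        return -1;                       /* absent or oversized body */
    const uint8_t *nul = memchr(body, '\0', body_len);   /* bounded search */
    if (!nul)
        return -2;                       /* address string not terminated */
    size_t rest = body_len - (size_t)(nul - body) - 1;
    if (rest != 0 && rest != 4)
        return -3;                       /* junk after the address string */
    const char *addrport = (const char *)body;
    const char *colon = strrchr(addrport, ':');   /* last ':' copes with [v6]:port */
    if (!colon || colon == addrport || (size_t)(colon - addrport) > MAX_ADDR_LEN)
        return -4;                       /* missing, empty or oversized host */
    size_t host_len = (size_t)(colon - addrport);
    unsigned long port = 0;
    for (const char *p = colon + 1; *p; p++) {     /* digits only, 1..65535 */
        if (*p < '0' || *p > '9' || (port = port * 10 + (*p - '0')) > 65535)
            return -5;
    }
    if (port == 0)
        return -5;                       /* empty port or port 0 */
    memcpy(out->address, addrport, host_len);
    out->address[host_len] = '\0';
    out->port = (uint16_t)port;
    out->flags = 0;
    if (rest == 4)                       /* FLAGS present: big-endian uint32 */
        out->flags = ((uint32_t)nul[1] << 24) | ((uint32_t)nul[2] << 16) |
                     ((uint32_t)nul[3] << 8) | (uint32_t)nul[4];
    return 0;
}
```

The inputs below are constructed; a real relay would hand this function the decrypted relay cell body and drop the circuit on any non-zero return.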