Format: 1.8
Date: Fri, 18 Jun 2021 11:06:56 +0200
Source: tor
Binary: tor
Built-For-Profiles: noudeb
Architecture: arm64
Version: 0.4.5.9-1
Distribution: impish-proposed
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Peter Palfrader
Description:
 tor - anonymizing overlay network for TCP
Closes: 990000
Changes:
 tor (0.4.5.9-1) unstable; urgency=medium
 .
   * New upstream version, fixing several (security) issues (closes: #990000).
     For a full list see the upstream changelog. It includes:
     - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on
       half-closed streams. Previously, clients failed to validate which
       hop sent these cells: this would allow a relay on a circuit to end
       a stream that wasn't actually built with it. Bugfix on 0.3.5.1-alpha.
       This issue is also tracked as TROVE-2021-003 and CVE-2021-34548.
     - Detect more failure conditions from the OpenSSL RNG code.
       Previously, we would detect errors from a missing RNG
       implementation, but not failures from the RNG code itself.
       Fortunately, it appears those failures do not happen in practice
       when Tor is using OpenSSL's default RNG implementation. Bugfix on
       0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004.
       Reported by Jann Horn at Google's Project Zero.
     - Resist a hashtable-based CPU denial-of-service attack against
       relays. Previously we used a naive unkeyed hash function to look up
       circuits in a circuitmux object. An attacker could exploit this to
       construct circuits with chosen circuit IDs, to create collisions
       and make the hash table inefficient. Now we use a SipHash
       construction here instead. Bugfix on 0.2.4.4-alpha. This issue is
       also tracked as TROVE-2021-005 and CVE-2021-34549. Reported by
       Jann Horn from Google's Project Zero.
     - Fix an out-of-bounds memory access in v3 onion service descriptor
       parsing. An attacker could exploit this bug by crafting an onion
       service descriptor that would crash any client that tried to visit
       it. Bugfix on 0.3.0.1-alpha. This issue is also tracked as
       TROVE-2021-006 and CVE-2021-34550. Reported by Sergei Glazunov from
       Google's Project Zero.
Checksums-Sha1:
 568b78ca19c93597d2760ebe53439d31b3889a26 6184468 tor-dbgsym_0.4.5.9-1_arm64.ddeb
 2a3fea00a55cc3b3e6c737969478c32d47efd902 7361 tor_0.4.5.9-1_arm64.buildinfo
 26d80df489b0e64b8493aacdf0347e05a1044ee4 1497404 tor_0.4.5.9-1_arm64.deb
Checksums-Sha256:
 d8fbf42bc509f8c06cf9b971a79ee092698db7ad25fab0492f020b2eb1283e8f 6184468 tor-dbgsym_0.4.5.9-1_arm64.ddeb
 1e547f3a22e6f0bba636e5ad49a81edab5e9e18b30797173329b55663f45ab28 7361 tor_0.4.5.9-1_arm64.buildinfo
 6e7c5126d46bbcfb31fd06b952215decee8101889eefbc5920af89e08aa12db3 1497404 tor_0.4.5.9-1_arm64.deb
Files:
 c18ac208b0cdc3e745010854894d960e 6184468 debug optional tor-dbgsym_0.4.5.9-1_arm64.ddeb
 7fb29dd07197922e258cd05351d23141 7361 net optional tor_0.4.5.9-1_arm64.buildinfo
 88e2340b4156a2ed2fb108eaf293d528 1497404 net optional tor_0.4.5.9-1_arm64.deb