lp:ubuntu/oneiric/tor
- Get this branch:
- bzr branch lp:ubuntu/oneiric/tor
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 22. By Peter Palfrader
-
* New upstream version.
* The tor specification files are no longer shipped in the tarball,
so /usr/share/doc/tor/ spec is no more. They can be found online
at <URL:https://gitweb. torproject. org/torspec. git/tree>. - 21. By Peter Palfrader
-
New upstream version, including several security related fixes. See
upstream changelog for details. Addresses CVE-2011-0427. - 20. By Peter Palfrader
-
* Fix a remotely exploitable bug that could be used to crash instances
of Tor remotely by overflowing on the heap. Remote-code execution
hasn't been confirmed, but can't be ruled out (CVE-2010-1676).
* Housekeeping: Update IP address and port of directory authority gabelmoo
with data shipped in 0.2.1.28. - 19. By Peter Palfrader
-
* Since the dawn of time (0.0.2pre19-1, January 2004, initial release
of the debian package), the postinst script has changed ownership and
permissions of various trees like /var/lib/tor, /var/run/tor, and
/var/log/tor, sometimes recursively.
.
It turns out this actually is a security issue, so try to be more
conservative when fixing up modes and only chown/chgrp
/var/{lib,log, run}/tor directly, never recursively.
* Remove /var/run/tor, recursively, on purge. We already do this
for /var/lib/tor and /var/log/tor. - 18. By Peter Palfrader
-
* Add debian/
patches/ 15_tlsext_ host_name: Work around change in libssl0.9.8
(0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198):
.
Do not set the tlsext_host_name extension on server SSL objects; only on
client SSL objects. We set it to immitate a browser, not a vhosting
server. This resolves an incompatibility with openssl 0.9.8p and openssl
1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha.
* Also from 0.2.1.27: Add maatuska as eighth v3 directory authority.
The directory authority servers are the trusted nodes that sign the
directory of all Tor servers. This adds an 8th authority to the
existing list, improving robustness.
* Change section from comm to net. This change was done in the
0.2.2.x tree in experimental during 0.2.2.9 (April 2010) in response
to bug #482801.
* If we have a debian/micro-revision. i, replace the one in src/or
with our copy so that this will be the revision that ends up in
the binary. This is an informational only version string, but
it'd be kinda nice if it was (more) accurate nonetheless.
(Backported from 0.2.2.2-alpha-1 from September 2009.) - 17. By Peter Palfrader
-
Make sure the cronjob does not try to access a /var/lib/tor
that has already been removed (due to for instance package removal).
Thanks to Holger and piuparts for catching this. - 16. By Peter Palfrader
-
* No longer set ulimit -c to unlimited:
Up until now the init script (or actually /etc/default/tor) raised
the ulimit for coredumps to unlimited, so that Tor would produce
coredumps on assert errors or segfaults. Coredumps however can
leak sensitive information, like cryptographic session keys and
clients' data should the core files get into the wrong hands. As
such it seems prudent to only enable coredumps if the user or
operator explicitly asks for them, and knows what to do with them.
* Also include a cron.weekly job that removes old coredumps from
/var/lib/tor. This action can be disabled in /etc/default/tor. - 15. By Peter Palfrader
-
* New upstream version.
* Remove debian/patches/ 15_testuite- thread- fixes (merged upstream).
* tor.postinst: Stop calling stat(1) with its full path.
* Add ${misc:Depends} for all three binary packages because debhelper
might want to add stuff.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/tor