lp:ubuntu/quantal/tor

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

36. By Peter Palfrader on 2012-09-11

[ Peter Palfrader ]
* New upstream version:
  - Fix an assertion failure in tor_timegm() that could be triggered
    by a badly formatted directory object. Bug found by fuzzing with
    Radamsa. Fixes bug 6811; bugfix on 0.2.0.20-rc.

[ Stefano Zacchiroli ]
* README.privoxy, README.polipo: explicitly set socks type to socks5.

35. By Peter Palfrader on 2012-08-07

* New upstream version, including a couple security fixes:
  - Avoid read-from-freed-memory and double-free bugs that could occur
    when a DNS request fails while launching it. Fixes bug 6480.
  - Avoid an uninitialized memory read when reading a vote or consensus
    document that has an unrecognized flavor name. This read could
    lead to a remote crash bug. Fixes bug 6530.
  - Try to leak less information about what relays a client is
    choosing to a side-channel attacker.
* Suggest the tor-arm controller.
* Improve long descriptions with Roger's help.
* Use https:// instead of git:// for the Vcs-Git URL.

34. By Peter Palfrader on 2012-07-07

New upstream version.

33. By Peter Palfrader on 2012-06-29

* New upstream version.
* Remove debian/patches/15_longer_test_timeout - something similar has been
  incorporated upstream (Re: Tor#6227).
* Re-enable apparmor, if available: Instead of confining /usr/sbin/tor by
  default, we now only confine the daemon that is launched from the init
  script. We do this by calling aa-exec with the appropriate flags, if it
  is installed. Therefore also suggest apparmor-utils.

32. By Peter Palfrader on 2012-06-24

* Apply the correct SE-Linux label to /var/run/tor when creating the
  directory in the init script (closes: #678362). Thanks to Russell Coker.
* Hack up the unit tests to wait longer for the thread test to finish.
  This is not a real fix, but it will probably make it more likely that
  we successfully build on our mips/octeon machines (Re: Tor#6227).

31. By Peter Palfrader on 2012-06-18

* Shipping and enabling the apparmor policy by default causes Tor to
  break for users who have apparmor enabled in enforcind mode and
  that, either in addition to or instead of running Tor as a system
  service (i.e. /etc/init.d/tor), also run Tor as their user or in
  some other means like launched from vidalia. Therefore:
  .
  - No longer install apparmor policy by default. It can be found in
    /usr/share/doc/tor if anybody is interested.
  - No longer build-depend on dh-apparmor, or suggest apparmor.
  - Also, clean up and remove old /etc/apparmor.d/usr.sbin.tor files
    on upgrade if they have not been changed by the user.
  .
  These changes relate to Debian Bug #670525 and fixes Tor ticket #6188.

30. By Peter Palfrader on 2012-06-15

* New upstream version.
* apparmor policy:
  - allow access to /var/log/tor/* and not just /var/log/tor/log*,
* No longer create /var/run/tor in postint if it does not exist -
  the init script should take care of that.
* Change the output of the init script to use lsb* functions:
  - Depend on lsb-base.
  - Makes the output pretty (closes: #676843)
* Also, in the init script we are now less verbose, unless VERBOSE is
  set to yes in /etc/default/rcS (see the rcS(5) manual page):
  - pass --hush to tor on startup, so only warnings and errors are
    displayed, hiding any notice level log output,
  - do not report raising ulimit -n.

29. By Peter Palfrader on 2012-06-12

* New upstream version, including:
  - Work around a bug in OpenSSL that broke renegotiation with TLS
    1.1 and TLS 1.2. Without this workaround, all attempts to speak
    the v2 Tor connection protocol when both sides were using OpenSSL
    1.0.1 would fail. Resolves ticket 6033.
  - When waiting for a client to renegotiate, don't allow it to add
    any bytes to the input buffer. This fixes a potential DoS issue.
    Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
  - and more. See upstream's changelog.

28. By Peter Palfrader on 2012-05-24

New upstream version, including updates to authority addresses, and
a coulpe minor security issues, see upstream's changelog.

27. By Peter Palfrader on 2011-12-15

* New upstream version, fixing a heap overflow bug related to Tor's
  SOCKS code (CVE-2011-2778).
* There no longer is a document called INSTALL to copy to
  usr/share/docs/tor, so get rid of the lintian override. Since that was
  the only one in the tor package get rid of installing overrides for the
  tor package entirely - there's still one override in tor-geoipdb
  (closes Tor #4576).