ubuntu/+source/tor:debian/jessie

Last commit made on 2018-06-23
Get this branch:
git clone -b debian/jessie https://git.launchpad.net/ubuntu/+source/tor
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/jessie
Repository:
lp:ubuntu/+source/tor

Recent commits

f212146... by Peter Palfrader on 2017-12-02

Import patches-unapplied version 0.2.5.16-1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: c6fbb4dbf0c3cc4963de87905dd7722a350a5159

New changelog entries:
  * New upstream version, including among others:
    - Fix a denial of service bug where an attacker could use a
      malformed directory object to cause a Tor instance to pause while
      OpenSSL would try to read a passphrase from the terminal. (Tor
      instances run without a terminal, which is the case for most Tor
      packages, are not impacted.) Fixes bug 24246; bugfix on every
      version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
      Found by OSS-Fuzz as testcase 6360145429790720.
    - When checking for replays in the INTRODUCE1 cell data for a
      (legacy) onion service, correctly detect replays in the RSA-
      encrypted part of the cell. We were previously checking for
      replays on the entire cell, but those can be circumvented due to
      the malleability of Tor's legacy hybrid encryption. This fix helps
      prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
      0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
      and CVE-2017-8819.
    - When running as a relay, make sure that we never build a path
      through ourselves, even in the case where we have somehow lost the
      version of our descriptor appearing in the consensus. Fixes part
      of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
      as TROVE-2017-012 and CVE-2017-8822.

c6fbb4d... by Peter Palfrader on 2017-11-20

Import patches-unapplied version 0.2.5.15-1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 6a1909227ff74817dc3189b6ce0d95336c2339a3

New changelog entries:
  * New upstream version:
    - update directory authority set

6a19092... by Peter Palfrader on 2017-06-08

Import patches-unapplied version 0.2.5.14-1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 56d06e506b32ee5200ef3df12c437b1150a5ffd0

New changelog entries:
  * New upstream version, fixing a hidden service related Denial of
    Service bug:
    - Fix a remotely triggerable assertion failure caused by receiving a
      BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
      22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
      on 0.2.2.1-alpha. (closes: #864424)
  * The previous release, 0.2.5.13, already incorporates the changes made in
    Debian's updates of the 0.2.5.12 version. Therefore, drop
    - debian/patches/tor-bug-20384-TROVE-2016-10-001
    - debian/patches/tor-bug-21018-TROVE-2016-12-002-CVE-2016-1254
    - debian/patches/update-authority-set

56d06e5... by Peter Palfrader on 2016-12-19

Import patches-unapplied version 0.2.5.12-4 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 45279599e376bdb726eb2de558ac812c1e38fabe

New changelog entries:
  * Fix for an issue (Tor#21018) where Tor clients could crash when
    attempting to visit a hostile hidden service.
    [TROVE-2016-12-002,CVE-2016-1254]
  * Fix a remote denial of service bug, torbug#20384, TROVE-2016-001.

4527959... by Peter Palfrader on 2016-08-30

Import patches-unapplied version 0.2.5.12-2 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: faaeee7d42858886198452a3bf540229aa7a32bc

New changelog entries:
  * Update the set of authority directory servers to the one from
    Tor 0.2.8.7, released in August 2016. This updates the key
    for dannenberg, replaces the Tonga bridge authority with Bifroest,
    and drops urras.

faaeee7... by Peter Palfrader on 2015-04-06

Import patches-unapplied version 0.2.5.12-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f196eb1f0ca1724ad4bb80f38cd184f0a95af24c

New changelog entries:
  * New upstream version, fixing hidden service related Denial of
    Service bugs:
    - Fix two remotely triggerable assertion failures (upstream bugs
      #15600 and #15601).
    - Disallow multiple INTRODUCE1 cells on the same circuit at introduction
      points, making overwhelming hidden services with introductions more
      expensive (upstream bug #15515).

f196eb1... by Peter Palfrader on 2015-03-19

Import patches-unapplied version 0.2.5.11-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 68c55c40203d849d253bc5d9675e3ef329836f98

New changelog entries:
  * New upstream version.
    - Directory authority changes.
    - Fix assertion errors that may trigger under high DNS load.
    - No longer break on HUP (happens daily on Debian) with seccomp2 enabled.
    - and more - please consult the upstream changelog.

68c55c4... by Peter Palfrader on 2014-10-24

Import patches-unapplied version 0.2.5.10-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a6ee8f3229def58e40fca8c4a971c7ef102ec4f1

New changelog entries:
  * New upstream version.
  * Use "service tor reload", guarded by "service tor status" in logrotate
    instead as suggested by Dirk Griesbach (closes: #765407).

a6ee8f3... by Peter Palfrader on 2014-10-20

Import patches-unapplied version 0.2.5.9-rc-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c812e6c7e656b82477eb09b8d2ede1024f91e06d

New changelog entries:
  * New upstream version.
    - Disabled SSLv3 unconditionally. As a by-product, this means
      that we no longer die in SSLv3 cleanup code in what is likely
      an openssl bug introduced in 1.0.1j (closes: 765968).
  * logrotate script: call invoke-rc.d tor reload instead of
    /etc/init.d/tor reload. This way, if tor is properly disabled, we will
    not try to reload tor. (closes: #765407).

c812e6c... by Peter Palfrader on 2014-09-23

Import patches-unapplied version 0.2.5.8-rc-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 66fdef28686816607ce164415f910e229ad0be6f

New changelog entries:
  * New upstream version. Upload to unstable.