ubuntu/+source/tor:ubuntu/bionic

Last commit made on 2018-03-05
Get this branch:
git clone -b ubuntu/bionic https://git.launchpad.net/ubuntu/+source/tor
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/bionic
Repository:
lp:ubuntu/+source/tor

Recent commits

a03c2ef... by Peter Palfrader on 2018-03-03

Import patches-unapplied version 0.3.2.10-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ef7749612d8310201de025ef5bd12807ebaef3ea

New changelog entries:
  * New upstream version.
    - Includes an important security fix for a remote crash attack against
      directory authorities.
      [TROVE-2018-001 and CVE-2018-0490]
    - Additionally, backports a fix for Tor#24700, which was originally
      fixed in 0.3.3.2-alpha but had its severity upgraded now as it can be
      remotely triggered and can crash relays.
      [TROVE-2018-002 and CVE-2018-0491]

ef77496... by Peter Palfrader on 2018-01-16

Import patches-unapplied version 0.3.2.9-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 853b7ff1b322ecfaa568dacb28048d6a5e690be9

New changelog entries:
  * New upstream version, upload 0.3.2.x tree to unstable.

853b7ff... by Peter Palfrader on 2017-12-21

Import patches-unapplied version 0.3.2.8-rc-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 902dfbb3bbe8c0fec3996eff7359e90840bef9df

New changelog entries:
  * New upstream version.

902dfbb... by Peter Palfrader on 2017-12-14

Import patches-unapplied version 0.3.2.7-rc-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: ad4e3d5ced5c3f38b0bd22d56a54d1ff3257d443

New changelog entries:
  * New upstream version.
  * Stop suggesting obfsproxy -- long obsolete; closes: #884369.

ad4e3d5... by Peter Palfrader on 2017-12-01

Import patches-unapplied version 0.3.2.6-alpha-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: d29539702d5232bf8066ea48780032a0830e888b

New changelog entries:
  * New upstream version, including among others:
    - Fix a denial of service bug where an attacker could use a
      malformed directory object to cause a Tor instance to pause while
      OpenSSL would try to read a passphrase from the terminal. (Tor
      instances run without a terminal, which is the case for most Tor
      packages, are not impacted.) Fixes bug 24246; bugfix on every
      version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
      Found by OSS-Fuzz as testcase 6360145429790720.
    - Fix a denial of service issue where an attacker could crash a
      directory authority using a malformed router descriptor. Fixes bug
      24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
      and CVE-2017-8820.
    - When checking for replays in the INTRODUCE1 cell data for a
      (legacy) onion service, correctly detect replays in the RSA-
      encrypted part of the cell. We were previously checking for
      replays on the entire cell, but those can be circumvented due to
      the malleability of Tor's legacy hybrid encryption. This fix helps
      prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
      0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
      and CVE-2017-8819.
    - Fix a use-after-free error that could crash v2 Tor onion services
      when they failed to open circuits while expiring introduction
      points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
      also tracked as TROVE-2017-013 and CVE-2017-8823.
    - When running as a relay, make sure that we never build a path
      through ourselves, even in the case where we have somehow lost the
      version of our descriptor appearing in the consensus. Fixes part
      of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
      as TROVE-2017-012 and CVE-2017-8822.
    - When running as a relay, make sure that we never choose ourselves
      as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
      issue is also tracked as TROVE-2017-012 and CVE-2017-8822.

d295397... by Peter Palfrader on 2017-11-22

Import patches-unapplied version 0.3.2.5-alpha-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 427a69f0bbc6275dafbe3d8add7cf24a09b6aae3

New changelog entries:
  * New upstream version.
  * Build-depend on libcap-dev on linux-any so we can build tor with
    capabilities support to retain the capability to bind to low ports;
    closes: #882281, #700179.

427a69f... by Peter Palfrader on 2017-11-09

Import patches-unapplied version 0.3.2.4-alpha-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: f1b97bf170b76e3884a1f1409e6f4b68001c5fcf

New changelog entries:
  * New upstream version.

f1b97bf... by Peter Palfrader on 2017-11-02

Import patches-unapplied version 0.3.2.3-alpha-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 5bdf64ad654d2bc7c3cefc484a2de13f023b836a

New changelog entries:
  * Recent linux packages in Debian have enabled the apparmor
    Linux-Security-Module by default. Therefore, users are likely to have
    apparmor support not only built into their kernel but also actively
    enabled at runtime. Unfortunately, without the apparmor package
    being installed, systemd's AppArmorProfile= service setting will
    cause the unit to fail to start.
    .
    Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor,
    causing all errors while switching to the new apparmor profile to
    be ignored. This is not ideal, but for now it's probably the
    best solution.
    .
    Thanks to intrigeri; closes: #880490.

5bdf64a... by Peter Palfrader on 2017-10-29

Import patches-unapplied version 0.3.2.3-alpha-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 75dd93437ab42af6f99d58a6cc31b7d654f1642a

New changelog entries:
  * New upstream version

75dd934... by Peter Palfrader on 2017-10-03

Import patches-unapplied version 0.3.2.2-alpha-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 13c6390a3efefe3cd67ca2e67ee8742d7ef9413d

New changelog entries:
  * New upstream version