-
tor (0.3.0.13-0ubuntu1~17.10.2) artful-security; urgency=medium
* No change rebuild for the security pocket.
-- Seth Arnold <email address hidden> Wed, 28 Feb 2018 14:53:07 -0800
-
tor (0.3.0.13-0ubuntu1~17.10.1) artful; urgency=medium
[ Peter Palfrader ]
* Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor,
causing all errors while switching to the new apparmor profile to
be ignored. This is not ideal, but for now it's probably the
best solution. Thanks to intrigeri; closes: #880490.
[ Simon Deziel ]
* New upstream version: 0.3.0.13 (LP: #1731698)
- Fix a denial of service bug where an attacker could use a
malformed directory object to cause a Tor instance to pause while
OpenSSL would try to read a passphrase from the terminal. (Tor
instances run without a terminal, which is the case for most Tor
packages, are not impacted.) Fixes bug 24246; bugfix on every
version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
Found by OSS-Fuzz as testcase 6360145429790720.
- Fix a denial of service issue where an attacker could crash a
directory authority using a malformed router descriptor. Fixes bug
24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
and CVE-2017-8820.
- When checking for replays in the INTRODUCE1 cell data for a
(legacy) onion service, correctly detect replays in the RSA-
encrypted part of the cell. We were previously checking for
replays on the entire cell, but those can be circumvented due to
the malleability of Tor's legacy hybrid encryption. This fix helps
prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
and CVE-2017-8819.
- Fix a use-after-free error that could crash v2 Tor onion services
when they failed to open circuits while expiring introduction
points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
also tracked as TROVE-2017-013 and CVE-2017-8823.
- When running as a relay, make sure that we never build a path
through ourselves, even in the case where we have somehow lost the
version of our descriptor appearing in the consensus. Fixes part
of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
as TROVE-2017-012 and CVE-2017-8822.
- When running as a relay, make sure that we never choose ourselves
as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
* New upstream version: 0.3.0.12
- Directory authority changes
* New upstream version: 0.3.0.11
- Fix TROVE-2017-008: Stack disclosure in hidden services logs when
SafeLogging disabled (CVE-2017-0380)
* debian/rules: stop overriding micro-revision.i
tor (0.3.0.10-2) UNRELEASED; urgency=medium
* apparmor: use Pix instead of PUx for obfs4proxy, giving us
better confinement of the child process while actually working
with systemd's NoNewPrivileges. (closes: #867342)
* Drop versioned dependency on binutils. The version is already
newer in all supported Debian and Ubuntu trees, and binutils
is in the transitive dependency set of build-essential.
Patch by Helmut Grohne. (closes: #873127)
* Do not rely on aa-exec and aa-enabled being in /usr/sbin in the
SysV init script. This change enables apparmor confinement
on some system-V systems again. (closes: #869153)
-- Simon Deziel <email address hidden> Sun, 14 Jan 2018 14:15:21 -0500
-
tor (0.3.0.10-1) unstable; urgency=medium
* New upstream version.
* Update apparmor profile: replace CAP_DAC_OVERRIDE with
CAP_DAC_READ_SEARCH to match the systemd capability bounding set
changed with 0.3.0.4-rc-1. This change will allow tor to start
again under apparmor if hidden services are configured.
Patch by intrigeri. (closes: #862993)
* Remove tor-dbg binary package. Nowadays Debian's toolchain
automatically builds packages containing debugging symbols. The new
tor-dbgsym package will end up in the debian-debug archive.
This tor-dbgsym package will Replace/Break tor-dbg versions
prior to 0.3.1.5-alpha for now (to match the version in experimental
with the same change), but as we keep providing backported builds for
older suites, and since those keep the tor-dbg package for now,
we'll likely keep increasing this version in future releases.
(closes: #867547)
* The dbgsym migration options require debhelper >= 9.20160114; update
build dependency list accordingly.
-- Peter Palfrader <email address hidden> Sun, 13 Aug 2017 17:24:23 +0200
-
tor (0.3.0.9-1build1) artful; urgency=medium
* No-change rebuild against libevent-2.1-6
-- Steve Langasek <email address hidden> Mon, 31 Jul 2017 02:54:09 +0000
-
tor (0.3.0.9-1) unstable; urgency=medium
* New upstream version, upload 0.3.0.x tree to unstable.
- Fixes TROVE-2017-006: Regression in guard family avoidance
(closes: #866799; CVE-2017-0377).
* Remove debian/README.{polipo,privoxy} as using them is not recommended.
(Torbrowser is the better option for users browsing the web.)
-- Peter Palfrader <email address hidden> Sun, 02 Jul 2017 00:53:02 +0200
-
tor (0.2.9.11-1) unstable; urgency=high
* New upstream version.
- Fix a remotely triggerable assertion failure caused by receiving a
BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
on 0.2.2.1-alpha. (closes: #864424)
-- Peter Palfrader <email address hidden> Thu, 08 Jun 2017 18:48:46 +0200
-
tor (0.2.9.10-1ubuntu1) zesty; urgency=low
* Merge from Debian unstable. Remaining changes:
- Limit the seccomp build-dependency to [amd64 i386 armhf].
-- Gianfranco Costamagna <email address hidden> Wed, 08 Mar 2017 08:25:29 +0100
