Accepted tor 0.2.1.26-6~bpo50+1 (source all i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 18 Dec 2010 11:05:13 +0100
Source: tor
Binary: tor tor-dbg tor-geoipdb
Architecture: source all i386
Version: 0.2.1.26-6~bpo50+1
Distribution: lenny-backports
Urgency: high
Maintainer: Peter Palfrader <weasel@debian.org>
Changed-By: Peter Palfrader <weasel@debian.org>
Description:
tor - anonymizing overlay network for TCP
tor-dbg - debugging symbols for Tor
tor-geoipdb - geoIP database for Tor
Changes:
tor (0.2.1.26-6~bpo50+1) lenny-backports; urgency=low
.
* Build for bpo50.
* Replace hardening-includes use with hardening-wrapper.
.
tor (0.2.1.26-6) unstable; urgency=high
.
* Fix a remotely exploitable bug that could be used to crash instances
of Tor remotely by overflowing on the heap. Remote-code execution
hasn't been confirmed, but can't be ruled out (CVE-2010-1676).
* Housekeeping: Update IP address and port of directory authority gabelmoo
with data shipped in 0.2.1.28.
.
tor (0.2.1.26-5) unstable; urgency=low
.
* Since the dawn of time (0.0.2pre19-1, January 2004, initial release
of the debian package), the postinst script has changed ownership and
permissions of various trees like /var/lib/tor, /var/run/tor, and
/var/log/tor, sometimes recursively.
.
It turns out this actually is a security issue, so try to be more
conservative when fixing up modes and only chown/chgrp
/var/{lib,log,run}/tor directly, never recursively.
* Remove /var/run/tor, recursively, on purge. We already do this
for /var/lib/tor and /var/log/tor.
Checksums-Sha1:
b412da909419d180ee90f2d982fc1cc704aae1a3 1512 tor_0.2.1.26-6~bpo50+1.dsc
4ac165a76398fb4e4af20862a78e52c72c7647f9 97129 tor_0.2.1.26-6~bpo50+1.diff.gz
60a8d45af411373250e2bd2a1323b721472dfe9d 805526 tor-geoipdb_0.2.1.26-6~bpo50+1_all.deb
ad9436b2a23c9ccaaae59b29dd36ebe36c9131ef 1321246 tor_0.2.1.26-6~bpo50+1_i386.deb
01f91dc2c2dc975b12cea685d13ea881676c409b 916226 tor-dbg_0.2.1.26-6~bpo50+1_i386.deb
Checksums-Sha256:
79458b0be2821daeac052e757f8c71d876addb2bcf2aae89d4538d4fd68b2755 1512 tor_0.2.1.26-6~bpo50+1.dsc
ff04b37d7985afa2d355a5daf27d7abae442bed4857de266e5ff28133bdccaa2 97129 tor_0.2.1.26-6~bpo50+1.diff.gz
3ec01960cf372860a28871848c8422ff48cba5bc003fe25a6b9620ca308473de 805526 tor-geoipdb_0.2.1.26-6~bpo50+1_all.deb
810704385421cb02d467975ab6bd2b29838a328d1ecc662afa1ebd09973dbd35 1321246 tor_0.2.1.26-6~bpo50+1_i386.deb
07b7a2b233b3d8a167d06ac282c3524e71f23b10071a56594a5c30feaf96fec2 916226 tor-dbg_0.2.1.26-6~bpo50+1_i386.deb
Files:
78d84b98b59e4929b1d5e48daab1e289 1512 net optional tor_0.2.1.26-6~bpo50+1.dsc
cc1c96db933372db5282fa0188fc9ece 97129 net optional tor_0.2.1.26-6~bpo50+1.diff.gz
9b346122c4ba4acadd1905bfa285e75d 805526 net extra tor-geoipdb_0.2.1.26-6~bpo50+1_all.deb
fb6f4e2f84086caa9ad778a34a56aacf 1321246 net optional tor_0.2.1.26-6~bpo50+1_i386.deb
4ac1d9468aa626f7dc1b7283c9cfb65e 916226 debug extra tor-dbg_0.2.1.26-6~bpo50+1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJND2ZLAAoJEDTSCgbh3sV3NWYH/2LG3+dKQN0LZhsZi5lCyqFa
XIRNMlSySGkuDso4lsUQLJ6hUyYYDS5wPAtmmKztezyC0lkVtzm3wMMEHrD9h91w
CQBAeVgIHzU5DlV7MfeTYnB0lfT2iR27KBl4JXJiyA/1aqWj1hO3cJ+F+6ci+NR/
7JEimNWk+veAlrLA6CioscuySpI8lrhUhrFiT9fiJroupr0C0Z078VxdGniy9RD1
WC7gO0J+O0d5V8RkxjHU3gFU3pzUcHgDS+Y5Buoj3gM9Iesb5g/2EU6uf+GRaXF+
j9Rl4GBexL8e1TIGnJ0MgYVRXTIJhCW1OY0ox9fNtGuxrApNtGXwRa/1txODBNI=
=VqKE
-----END PGP SIGNATURE-----
Accepted:
tor-dbg_0.2.1.26-6~bpo50+1_i386.deb
to main/t/tor/tor-dbg_0.2.1.26-6~bpo50+1_i386.deb
tor-geoipdb_0.2.1.26-6~bpo50+1_all.deb
to main/t/tor/tor-geoipdb_0.2.1.26-6~bpo50+1_all.deb
tor_0.2.1.26-6~bpo50+1.diff.gz
to main/t/tor/tor_0.2.1.26-6~bpo50+1.diff.gz
tor_0.2.1.26-6~bpo50+1.dsc
to main/t/tor/tor_0.2.1.26-6~bpo50+1.dsc
tor_0.2.1.26-6~bpo50+1_i386.deb
to main/t/tor/tor_0.2.1.26-6~bpo50+1_i386.deb
Reply to: