tor_0.2.2.32-1~bpo60+1_amd64.changes is NEW
(new) tor-dbg_0.2.2.32-1~bpo60+1_amd64.deb extra debug
debugging symbols for Tor
This package provides the debugging symbols for Tor, The Onion Router.
Those symbols allow your debugger to assign names to your backtraces, which
makes it somewhat easier to interpret core dumps.
(new) tor-geoipdb_0.2.2.32-1~bpo60+1_all.deb extra net
geoIP database for Tor
This package provides a geoIP database for Tor, i.e. it maps IPv4 addresses
to countries.
.
Bridges (special Tor relays that aren't listed in the main Tor directory) use
this information to report which countries they get access from. This allows
the Tor network operators to learn if certain countries started blocking
access to bridges.
(new) tor_0.2.2.32-1~bpo60+1.diff.gz optional net
(new) tor_0.2.2.32-1~bpo60+1.dsc optional net
(new) tor_0.2.2.32-1~bpo60+1_amd64.deb optional net
anonymizing overlay network for TCP
Tor is a connection-based low-latency anonymous communication system which
addresses many flaws in the original onion routing design.
.
In brief, Onion Routing is a connection-oriented anonymizing communication
service. Users choose a source-routed path through a set of nodes, and
negotiate a "virtual circuit" through the network, in which each node
knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each node, which reveals
the downstream node.
.
Basically Tor provides a distributed network of servers ("onion
routers"). Users bounce their tcp streams (web traffic, ftp, ssh, etc)
around the routers, and recipients, observers, and even the routers
themselves have difficulty tracking the source of the stream.
.
Note that Tor does no protocol cleaning. That means there is a danger that
application protocols and associated programs can be induced to reveal
information about the initiator. Tor depends on Privoxy and similar protocol
cleaners to solve this problem.
.
Client applications can use the Tor network by connecting to the local
onion proxy. If the application itself does not come with socks support
you can use a socks client such as tsocks. Some web browsers like mozilla
and web proxies like privoxy come with socks support, so you don't need an
extra socks client if you want to use Tor with them.
.
This package enables only the onion proxy by default, but it can be configured
as a relay (server) node.
.
Remember that this is development code -- don't rely on the current Tor
network if you really need strong anonymity.
.
The latest information can be found at https://www.torproject.org/, or on the
mailing lists, archived at https://lists.torproject.org/pipermail/tor-talk/ or
https://lists.torproject.org/pipermail/tor-announce/.
(new) tor_0.2.2.32.orig.tar.gz optional net
Changes: tor (0.2.2.32-1~bpo60+1) squeeze-backports; urgency=low
.
* Build for squeeze-backports.
.
tor (0.2.2.32-1) unstable; urgency=low
.
* New upstream version, upload to unstable.
.
tor (0.2.2.31-rc-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.30-rc-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.29-beta-1) experimental; urgency=low
.
* New upstream version.
* Enable Control Socket by default. It lives in /var/run/tor/
(closes: #552556).
* The postinst script changes /var/run/tor to mode 02750 if it exists,
but the tor init script creates it with mode 02700 if it doesn't.
Change the init script to also create the directory with a group
writeable mode, the same as the postinst maintainer script, i.e. 02750.
.
This will allow users in the debian-tor group to access the control
socket (re: #552556).
.
tor (0.2.2.28-beta-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.27-beta-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.26-beta-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.25-alpha-1) experimental; urgency=low
.
* New upstream version.
* Add Vcs-* control fields. Patch by intrigeri@boum.org
(closes: #623316).
* Update mailinglist archive URLs in package description.
Patch by intrigeri@boum.org (closes: #623318).
.
tor (0.2.2.24-alpha-1) experimental; urgency=low
.
* New upstream version.
* Forward port missing changes from the 0.2.1.x tree:
- Add ${misc:Depends} for all three binary packages because debhelper
might want to add stuff [tor 0.2.1.26-1].
- tor.postinst: Stop calling stat(1) with its full path [tor 0.2.1.26-1].
- No longer set ulimit -c to unlimited:
Up until now the init script (or actually /etc/default/tor) raised
the ulimit for coredumps to unlimited, so that Tor would produce
coredumps on assert errors or segfaults. Coredumps however can
leak sensitive information, like cryptographic session keys and
clients' data should the core files get into the wrong hands. As
such it seems prudent to only enable coredumps if the user or
operator explicitly asks for them, and knows what to do with them.
[tor 0.2.1.26-2]
- Also include a cron.weekly job that removes old coredumps from
/var/lib/tor. This action can be disabled in /etc/default/tor.
[tor 0.2.1.26-2]
- Make sure the cronjob does not try to access a /var/lib/tor
that has already been removed (due to for instance package removal).
Thanks to Holger and piuparts for catching this.
[tor 0.2.1.26-3]
.
tor (0.2.2.23-alpha-1) experimental; urgency=low
.
* New upstream version.
* The tor specification files are no longer shipped in the tarball,
so /usr/share/doc/tor/spec is no more. They can be found online
at <URL:https://gitweb.torproject.org/torspec.git/tree>.
.
tor (0.2.2.22-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.21-alpha-1) experimental; urgency=high
.
* New upstream version, including several security related fixes. See
upstream changelog for details. Addresses CVE-2011-0427.
* Forward port patches/03_tor_manpage_in_section_8.
.
tor (0.2.2.20-alpha-1) experimental; urgency=high
.
* New upstream version.
- Fix a remotely exploitable bug that could be used to crash instances
of Tor remotely by overflowing on the heap. Remote-code execution
hasn't been confirmed, but can't be ruled out (CVE-2010-1676).
* Since the dawn of time (0.0.2pre19-1, January 2004, initial release
of the debian package), the postinst script has changed ownership and
permissions of various trees like /var/lib/tor, /var/run/tor, and
/var/log/tor, sometimes recursively.
.
It turns out this actually is a security issue, so try to be more
conservative when fixing up modes and only chown/chgrp
/var/{lib,log,run}/tor directly, never recursively.
* Remove /var/run/tor, recursively, on purge. We already do this
for /var/lib/tor and /var/log/tor.
.
tor (0.2.2.19-alpha-1) experimental; urgency=low
.
* New upstream version.
- remove debian/patches/15_tlsext_host_name (already included in new
upstream version).
.
tor (0.2.2.18-alpha-2) experimental; urgency=low
.
* If we overwrite src/or/micro-revision.i in during build,
clean it out in the clean target.
* Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8
(0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198):
.
Do not set the tlsext_host_name extension on server SSL objects; only on
client SSL objects. We set it to immitate a browser, not a vhosting
server. This resolves an incompatibility with openssl 0.9.8p and openssl
1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha.
.
tor (0.2.2.18-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.17-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.16-alpha-1) experimental; urgency=low
.
* New upstream version.
* Downgrade torsocks/tsocks dependency to a recommends. That tool
is not needed if you only run a relay, or if you access Tor only
using polipo or privoxy. The torify(1) wrapper that makes use
of torsocks or tsocks already handles their absense and emmits a
proper message telling the user what they are missing (closes: #595898).
* Remove suggests of mixminion which is no longer in the archive
(closes: #594207), and also of anon-proxy which appears to not
have been updated in at least two years.
* Add xul-ext-torbutton to suggests.
.
tor (0.2.2.15-alpha-1) experimental; urgency=low
.
* New upstream version.
* Forward port 06_add_compile_time_defaults.
.
tor (0.2.2.14-alpha-1) experimental; urgency=low
.
* New upstream version.
Among many other things:
- New config option "WarnUnsafeSocks 0" disables the warning that
occurs whenever Tor receives only an IP address instead of a
hostname. Setups that do DNS locally over Tor are fine, and we
shouldn't spam the logs in that case. (Closes: #497466)
.
tor (0.2.2.13-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.12-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.11-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.10-alpha-2) experimental; urgency=low
.
* In /etc/default/tor also source /etc/default/tor.vidalia if it exists
and if vidalia is installed. We do this so that the vidalia package
can override some of our settings: People who have vidalia installed might
not want to run Tor as a system service. The vidalia .deb can ask them
that and then set run-daemon to no.
.
tor (0.2.2.10-alpha-1) experimental; urgency=low
.
* New upstream version.
* debian/rules:
- make manpage building properly depend on patch-stamp,
- Fix building in the absence of a debian/micro-revision.i file.
.
tor (0.2.2.9-alpha-1) experimental; urgency=low
.
* New upstream version.
- We no longer need to build-depend on a recent libssl-dev because
Tor now detects whether we need to explicitly turn on
autonegotiation at run-time rather than compile time. Good.
(This also means we no longer need to conflict with newer
libssls when we built against an old one on backports.)
- The manpages are now built with asciidoc. While the upstream
tarball already ships with the output of asciidoc, we instead
build the manpages during package build time so we can patch them.
+ Therefore build-depend on asciidoc (>= 8.2), docbook-xml,
docbook-xsl, and xmlto.
+ update 03_tor_manpage_in_section_8 to patch the .txt files now.
+ Remove tor.1.in torify.1.in tor-gencert.1.in tor-resolve.1.in in
the doc directory during clean.
+ And try to work around missing (and if it wasn't, broken)
build-system for the manpages.
+ The torify.1 manpage gets installed by upstream, no longer need
to do it manually in debian/rules.
- The original design paper is no longer shipped with Tor.
+ Remove debian/hexdump-*.pdf (which we used to work around
fig2dev bugs).
+ No longer build the paper in debian/rules, and remove it from
debian/tor.docs.
+ No longer build-depend on texlive-base-bin, texlive-latex-base,
texlive-fonts-recommended, transfig and ghostscript.
- Upstream tarballs no longer ship an AUTHORS file, or the website,
Removed these from debian/tor.docs. No longer shipping parts of
the website also closes: #443560.
- Also no longer distribute doc/TODO and doc/HACKING in the debian
package.
* Move from comm to section net, where it might fit slightly better
(closes: #482801).
* Ship contrib/tor-exit-notice.html in the tor package (put it into
usr/share/doc/tor; closes: #568934).
* Add stark README.polipo with the instructions from Juliusz Chroboczek.
(closes: #413730)
* 0.2.2.4-alpha failed to ship test.h so we had included it in the
debian diff. The upstream bug has long since been fixed so we should
probably stop shipping our own copy of test.h.
* Finally apply Peter Eisentraut's patch for tor's init script to support
status as an argument (closes: #526371).
.
tor (0.2.2.8-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.7-alpha-2) experimental; urgency=low
.
* debian/rules: Minor cleanup (use a single variable for making up our
configure flags, not two).
* debian/rules: Remove logic that ignores the result of unit tests if
localhost does not resolve (or not to 127.0.0.1). This should no
longer be necessary as our build chroots have gotten a lot better.
* Depend on and enable hardening-includes for building.
.
tor (0.2.2.7-alpha-1) experimental; urgency=medium
.
* New upstream version.
- Rotate keys (both v3 identity and relay identity) for moria1
and gabelmoo.
[and more]
.
tor (0.2.2.6-alpha-1) experimental; urgency=low
.
* New upstream version.
- Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch
(part of upstream).
.
tor (0.2.2.5-alpha-1) experimental; urgency=low
.
* New upstream version.
* Pick 0a58567ce3418f410cf1dd0143dd3e56b4a4bd1f from master git tree:
- work with libssl that has renegotiation disabled by default.
(debian/patches/0a58567c-work-with-reneg-ssl.dpatch)
* Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against
earlier versions we will not work once libssl gets upgraded to a version
that disabled renegotiations.
* Change order of recommends from privoxy | polipo to polipo | privoxy.
* Allegedly echo -e is a bashism. Remove it from debian/rules, we don't
need it anyways (closes: #478631).
* Change the dependency on tsocks to torsocks | tsocks (see: #554717).
.
tor (0.2.2.4-alpha-1) experimental; urgency=low
.
* New upstream version.
* The testsuite moved from src/or/test to src/test/test,
but let's call it using "make check" now.
* Upstream failed to ship src/test/test.h. Ship it in debian/ and
manually copy it in place during configure and clean up in clean.
Let's not use the patch system as this will most likely be rectified
by next release.
.
tor (0.2.2.3-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.2.2-alpha-1) experimental; urgency=low
.
* New upstream version.
* The files src/common/common_sha1.i src/or/or_sha1.i get changed
during the build - they contain the checksums of the individual
files that end up in the binary. Of couse changes only end up
in the debian diff.gz after building a second time in the same
directory. So, remove those files in clean to get both a cleaner
diff.gz and idempotent builds.
* If we have a debian/micro-revision.i, replace the one in src/or
with our copy so that this will be the revision that ends up in
the binary. This is an informational only version string, but
it'd be kinda nice if it was (more) accurate nonetheless.
.
Of course this won't help if people manually patch around but
it's still preferable to claiming we are exactly upstream's source.
.
If we are building directly out of a git tree, update
debian/micro-revision.i in the clean target.
.
tor (0.2.2.1-alpha-1) experimental; urgency=low
.
* New upstream version.
* Forward port patches/03_tor_manpage_in_section_8.dpatch.
* Forward port patches/06_add_compile_time_defaults.dpatch.
Override entries for your package:
Announcing to debian-backports-changes@lists.debian.org
Your package contains new components which requires manual editing of
the override file. It is ok otherwise, so please be patient. New
packages are usually added to the override file about once a week.
You may have gotten the distribution wrong. You'll get warnings above
if files already exist in other distributions.
Reply to: