Re: [stable] openssl rfc5746 / renegotiation support
On Sat, 20 Nov 2010, Peter Palfrader wrote:
> > > When we throw out tor 0.2.0.x from lenny, are we replacing it with the
> > > version currently in lenny-volatile?
> >
> > I'd be ok with that.
>
> Ok, I'll upload it later today. I'll include the no-coredump patch too,
> unless somebody shouts.
Uploaded just the volatile version, with no further changes as per your
request.
interdiff and debdiff attached.
Thanks,
weasel
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
diff -u tor-0.2.1.26/debian/changelog tor-0.2.1.26/debian/changelog
--- tor-0.2.1.26/debian/changelog
+++ tor-0.2.1.26/debian/changelog
@@ -1,3 +1,22 @@
+tor (0.2.1.26-1~lenny+1) stable; urgency=low
+
+ * Upload to stable, since a potential future security upload
+ for openssl will break Tor 0.2.0.35, the version currently in
+ stable.
+ .
+ This libssl update will change how openssl does renegotiation,
+ and Tor 0.2.0.x relies on the old behaviour but does not yet
+ know how to tell openssl to stick to it. The 0.2.1.x tree
+ has special support for newer openssls and sets the proper, new
+ flags so libssl continues to provide the old renegotiation
+ features.
+ .
+ The old-style renegotiation feature is potentially dangerous
+ in some cases, but it is believed that Tor does everything
+ correctly and thus can use it safely.
+
+ -- Peter Palfrader <weasel@debian.org> Sat, 20 Nov 2010 11:24:32 +0100
+
tor (0.2.1.26-1~lennyvolatile1) lenny-volatile; urgency=low
* Upload to lenny-volatile.
diff -u tor-0.2.1.26/debian/micro-revision.i tor-0.2.1.26/debian/micro-revision.i
--- tor-0.2.1.26/debian/micro-revision.i
+++ tor-0.2.1.26/debian/micro-revision.i
@@ -1 +1 @@
-"59d3dbb874f0deb3"
+"0856f24277cd9842"
File lists identical (after any substitutions)
Control files of package tor: lines which differ (wdiff format)
---------------------------------------------------------------
Version: [-0.2.1.26-1~lennyvolatile1-] {+0.2.1.26-1~lenny+1+}
Control files of package tor-dbg: lines which differ (wdiff format)
-------------------------------------------------------------------
Depends: tor (= [-0.2.1.26-1~lennyvolatile1)-] {+0.2.1.26-1~lenny+1)+}
Version: [-0.2.1.26-1~lennyvolatile1-] {+0.2.1.26-1~lenny+1+}
Control files of package tor-geoipdb: lines which differ (wdiff format)
-----------------------------------------------------------------------
Depends: tor (>= [-0.2.1.26-1~lennyvolatile1)-] {+0.2.1.26-1~lenny+1)+}
Version: [-0.2.1.26-1~lennyvolatile1-] {+0.2.1.26-1~lenny+1+}
Reply to: