Publishing details

Changelog

tor (0.3.2.10-1~16.04.york0) xenial; urgency=medium

  * No-change backport to xenial

tor (0.3.2.10-1) unstable; urgency=medium

  * New upstream version.
    - Includes an important security fix for a remote crash attack against
      directory authorities.
      [TROVE-2018-001 and CVE-2018-0490]
    - Additionally, backports a fix for Tor#24700, which was originally
      fixed in 0.3.3.2-alpha but had its severity upgraded now as it can be
      remotely triggered and can crash relays.
      [TROVE-2018-002 and CVE-2018-0491]

tor (0.3.2.9-1) unstable; urgency=medium

  * New upstream version, upload 0.3.2.x tree to unstable.

tor (0.3.2.8-rc-1) experimental; urgency=medium

  * New upstream version.

tor (0.3.2.7-rc-1) experimental; urgency=medium

  * New upstream version.
  * Stop suggesting obfsproxy -- long obsolete;  closes: #884369.

tor (0.3.2.6-alpha-1) experimental; urgency=medium

  * New upstream version, including among others:
    - Fix a denial of service bug where an attacker could use a
      malformed directory object to cause a Tor instance to pause while
      OpenSSL would try to read a passphrase from the terminal. (Tor
      instances run without a terminal, which is the case for most Tor
      packages, are not impacted.) Fixes bug 24246; bugfix on every
      version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
      Found by OSS-Fuzz as testcase 6360145429790720.
    - Fix a denial of service issue where an attacker could crash a
      directory authority using a malformed router descriptor. Fixes bug
      24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
      and CVE-2017-8820.
    - When checking for replays in the INTRODUCE1 cell data for a
      (legacy) onion service, correctly detect replays in the RSA-
      encrypted part of the cell. We were previously checking for
      replays on the entire cell, but those can be circumvented due to
      the malleability of Tor's legacy hybrid encryption. This fix helps
      prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
      0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
      and CVE-2017-8819.
    - Fix a use-after-free error that could crash v2 Tor onion services
      when they failed to open circuits while expiring introduction
      points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
      also tracked as TROVE-2017-013 and CVE-2017-8823.
    - When running as a relay, make sure that we never build a path
      through ourselves, even in the case where we have somehow lost the
      version of our descriptor appearing in the consensus. Fixes part
      of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
      as TROVE-2017-012 and CVE-2017-8822.
    - When running as a relay, make sure that we never choose ourselves
      as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This
      issue is also tracked as TROVE-2017-012 and CVE-2017-8822.

tor (0.3.2.5-alpha-1) experimental; urgency=medium

  * New upstream version.
  * Build-depend on libcap-dev on linux-any so we can build tor with
    capabilities support to retain the capability to bind to low ports;
    closes: #882281, #700179.

tor (0.3.2.4-alpha-1) experimental; urgency=medium

  * New upstream version.

tor (0.3.2.3-alpha-2) experimental; urgency=medium

  * Recent linux packages in Debian have enabled the apparmor
    Linux-Security-Module by default.  Therefore, users are likely to have
    apparmor support not only built into their kernel but also actively
    enabled at runtime.  Unfortunately, without the apparmor package
    being installed, systemd's AppArmorProfile= service setting will
    cause the unit to fail to start.
    .
    Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor,
    causing all errors while switching to the new apparmor profile to
    be ignored.  This is not ideal, but for now it's probably the
    best solution.
    .
    Thanks to intrigeri; closes: #880490.

tor (0.3.2.3-alpha-1) experimental; urgency=medium

  * New upstream version.

tor (0.3.2.2-alpha-1) experimental; urgency=medium

  * New upstream version.

tor (0.3.2.1-alpha-1) experimental; urgency=medium

  * New upstream tree.

tor (0.3.1.7-1) unstable; urgency=medium

  * New upstream version, upload 0.3.1.x tree to unstable.
  * Build depend on liblzma-dev and libzstd-dev.

tor (0.3.1.6-rc-1) experimental; urgency=medium

  * New upstream version.
  * Drop versioned dependency on binutils.  The version is already
    newer in all supported Debian and Ubuntu trees, and binutils
    is in the transitive dependency set of build-essential.
    Patch by Helmut Grohne.  (closes: #873127)

tor (0.3.1.5-alpha-2) experimental; urgency=medium

  * apparmor: use Pix instead of PUx for obfs4proxy, giving us
    better confinement of the child process while actually working
    with systemd's NoNewPrivileges.  (closes: #867342)
  * Do not rely on aa-exec and aa-enabled being in /usr/sbin in the
    SysV init script.  This change enables apparmor confinement
    on some system-V systems again.  (closes: #869153)

tor (0.3.1.5-alpha-1) experimental; urgency=medium

  * New upstream version.
  * Update apparmor profile: replace CAP_DAC_OVERRIDE with
    CAP_DAC_READ_SEARCH to match the systemd capability bounding set
    changed with 0.3.0.4-rc-1.  This change will allow tor to start
    again under apparmor if hidden services are configured.
    Patch by intrigeri.  (closes: #862993)
  * Remove tor-dbg binary package.  Nowadays Debian's toolchain
    automatically builds packages containing debugging symbols.  The new
    tor-dbgsym package will end up in the debian-debug archive.
    This tor-dbgsym package will Replace/Break tor-dbg versions
    prior to 0.3.1.5-alpha for now, but as we keep providing backported
    builds for older suites, and since those keep the tor-dbg package for now,
    we'll likely keep increasing this version in future releases.
    (closes: #867547)
  * The dbgsym migration options require debhelper >= 9.20160114; update
    build dependency list accordingly.

tor (0.3.1.4-alpha-1) experimental; urgency=medium

  * New upstream tree.

tor (0.3.0.9-1) unstable; urgency=medium

  * New upstream version, upload 0.3.0.x tree to unstable.
    - Fixes TROVE-2017-006: Regression in guard family avoidance
      (closes: #866799; CVE-2017-0377).
  * Remove debian/README.{polipo,privoxy} as using them is not recommended.
    (Torbrowser is the better option for users browsing the web.)

tor (0.3.0.8-1) experimental; urgency=medium

  * New upstream version.
    - Fix a remotely triggerable assertion failure when a hidden service
      handles a malformed BEGIN cell. Fixes bug 22493, tracked as
      TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha.
    - Fix a remotely triggerable assertion failure caused by receiving a
      BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
      22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
      on 0.2.2.1-alpha.  (closes: #864424)

tor (0.3.0.7-1) experimental; urgency=medium

  * New upstream version.

tor (0.3.0.5-rc-1) experimental; urgency=medium

  * New upstream version.
    - Run the entry_guard_parse_from_state_full() test with the time set
      to a specific date. (closes: #858534).

tor (0.3.0.4-rc-1) experimental; urgency=medium

  * New upstream version.
  * Replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH in systemd's service
    capability bounding set.  Read access is sufficient for Tor (as root on
    startup) to check its onion service directories (see #847598).
  * Change default log target to syslog.  We still keep /var/log/tor and
    the logrotation configuration around in case the admin prefers normal
    log files.  Also update README.Debian accordingly.  (closes: #852716).

tor (0.3.0.3-alpha-1) experimental; urgency=medium

  * New upstream version.

tor (0.3.0.2-alpha-1) experimental; urgency=medium

  * New upstream version.

tor (0.3.0.1-alpha-1) experimental; urgency=medium

  * New upstream tree.

 -- Jonathon Fernyhough <email address hidden>  Wed, 14 Mar 2018 11:52:18 +0000
