Bug 220372 - security/tor-devel: update to 0.3.1.4-alpha (security: CVE-2017-0377)
Summary: security/tor-devel: update to 0.3.1.4-alpha (security: CVE-2017-0377)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dmitry Marakasov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-06-29 22:48 UTC by nusenu
Modified: 2017-06-30 11:51 UTC (History)
1 user (show)

See Also:
amdmi3: maintainer-feedback+

Attachments
patch (929 bytes, patch)
2017-06-29 23:32 UTC, Yuri Victorovich 		yuri: maintainer-approval+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description nusenu 2017-06-29 22:48:55 UTC 
This update fixes a problem in path selection where a tor client uses
multiple relays from a single operator.



https://dist.torproject.org/tor-0.3.1.4-alpha.tar.gz

https://gitweb.torproject.org/tor.git/commit/?id=665baf5ed5c6186d973c46cdea165c0548027350

https://trac.torproject.org/projects/tor/ticket/22753#comment:3
Comment 1 Yuri Victorovich freebsd_committer freebsd_triage 2017-06-29 23:32:03 UTC 
Created attachment 183930 [details]
patch

Builds in poudriere.
Comment 2 commit-hook freebsd_committer freebsd_triage 2017-06-30 11:41:11 UTC 
A commit references this bug:

Author: amdmi3
Date: Fri Jun 30 11:41:03 UTC 2017
New revision: 444709
URL: https://svnweb.freebsd.org/changeset/ports/444709

Log:
  - Update to 0.3.1.4-alpha

  PR:		220372
  Submitted by:	yuri@rawbw.com (maintainer)
  Security:	CVE-2017-0377

Changes:
  head/security/tor-devel/Makefile
  head/security/tor-devel/distinfo
Comment 3 Dmitry Marakasov freebsd_committer freebsd_triage 2017-06-30 11:51:01 UTC 
Not doing a MFH because 2017Q2 will be replaces in a few hours-days.