Bug 220373

Summary: security/tor: update to version 0.3.0.9 (security: CVE-2017-0377)
Product: Ports & Packages Reporter: nusenu <freebsd-vheg>
Component: Individual Port(s)Assignee: Dmitry Marakasov <amdmi3>
Status: Closed FIXED    
Severity: Affects Only Me CC: yuri
Priority: --- Flags: amdmi3: maintainer-feedback+
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch yuri: maintainer-approval+

Description nusenu 2017-06-29 22:48:58 UTC 
This update fixes a problem in path selection where a tor client uses
multiple relays from a single operator.

https://dist.torproject.org/tor-0.3.0.9.tar.gz

https://trac.torproject.org/projects/tor/ticket/22753#comment:3
Comment 1 Yuri Victorovich freebsd_committer freebsd_triage 2017-06-29 23:23:52 UTC 
Created attachment 183928 [details]
patch

Builds in poudriere.

Also added USES=pkgconfig
Comment 2 commit-hook freebsd_committer freebsd_triage 2017-06-30 11:40:09 UTC 
A commit references this bug:

Author: amdmi3
Date: Fri Jun 30 11:39:52 UTC 2017
New revision: 444708
URL: https://svnweb.freebsd.org/changeset/ports/444708

Log:
  - Update to 0.3.0.9

  PR:		220373
  Submitted by:	yuri@rawbw.com (maintainer)
  Security:	CVE-2017-0377

Changes:
  head/security/tor/Makefile
  head/security/tor/distinfo
Comment 3 Dmitry Marakasov freebsd_committer freebsd_triage 2017-06-30 11:50:58 UTC 
Not doing a MFH because 2017Q2 will be replaces in a few hours-days.