Bug 129540 - [PATCH]security/tor-devel: update to 0.2.1.8-alpha
Summary: [PATCH]security/tor-devel: update to 0.2.1.8-alpha
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Martin Wilke
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-12-10 00:50 UTC by bf
Modified: 2008-12-22 21:05 UTC (History)
0 users

See Also:


Attachments
file.diff (1000 bytes, patch)
2008-12-10 00:50 UTC, bf
no flags Details | Diff
tor-devel.0218.txt (2.30 KB, text/plain)
2008-12-16 04:40 UTC, bf
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description bf 2008-12-10 00:50:01 UTC
Among the bugs fixed, note especially the entry guard and server DOS security
fixes:


"Changes in version 0.2.1.8-alpha - 2008-12-08
  o Major features:
    - New DirPortFrontPage option that takes an html file and publishes
      it as "/" on the DirPort. Now relay operators can provide a
      disclaimer without needing to set up a separate webserver. There's
      a sample disclaimer in contrib/tor-exit-notice.html.

  o Security fixes:
    - When the client is choosing entry guards, now it selects at most
      one guard from a given relay family. Otherwise we could end up with
      all of our entry points into the network run by the same operator.
      Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.

  o Major bugfixes:
    - Fix a DOS opportunity during the voting signature collection process
      at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
    - Fix a possible segfault when establishing an exit connection. Bugfix
      on 0.2.1.5-alpha.

  o Minor bugfixes:
    - Get file locking working on win32. Bugfix on 0.2.1.6-alpha. Fixes
      bug 859.
    - Made Tor a little less aggressive about deleting expired
      certificates. Partial fix for bug 854.
    - Stop doing unaligned memory access that generated bus errors on
      sparc64. Bugfix on 0.2.0.10-alpha. Fix for bug 862.
    - Fix a crash bug when changing EntryNodes from the controller. Bugfix
      on 0.2.1.6-alpha. Fix for bug 867. Patched by Sebastian.
    - Make USR2 log-level switch take effect immediately. Bugfix on
      0.1.2.8-beta.
    - If one win32 nameserver fails to get added, continue adding the
      rest, and don't automatically fail.
    - Use fcntl() for locking when flock() is not available. Should fix
      compilation on Solaris. Should fix Bug 873. Bugfix on 0.2.1.6-alpha.
    - Do not mark smartlist_bsearch_idx() function as ATTR_PURE. This bug
      could make gcc generate non-functional binary search code. Bugfix
      on 0.2.0.10-alpha.
    - Build correctly on platforms without socklen_t.
    - Avoid potential crash on internal error during signature collection.
      Fixes bug 864. Patch from rovv.
    - Do not use C's stdio library for writing to log files. This will
      improve logging performance by a minute amount, and will stop
      leaking fds when our disk is full. Fixes bug 861.
    - Stop erroneous use of O_APPEND in cases where we did not in fact
      want to re-seek to the end of a file before every last write().
    - Correct handling of possible malformed authority signing key
      certificates with internal signature types. Fixes bug 880. Bugfix
      on 0.2.0.3-alpha.
    - Fix a hard-to-trigger resource leak when logging credential status.
      CID 349.

  o Minor features:
    - Directory mirrors no longer fetch the v1 directory or
      running-routers files. They are obsolete, and nobody asks for them
      anymore. This is the first step to making v1 authorities obsolete.

  o Minor features (controller):
    - Return circuit purposes in response to GETINFO circuit-status. Fixes
      bug 858."

Fix: Patch attached with submission follows:
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2008-12-10 00:50:11 UTC
Responsible Changed
From-To: freebsd-ports-bugs->miwi

miwi@ wants his PRs (via the GNATS Auto Assign Tool)
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2008-12-10 00:50:13 UTC
Maintainer of security/tor-devel,

Please note that PR ports/129540 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/129540

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 3 Edwin Groothuis freebsd_committer freebsd_triage 2008-12-10 00:50:15 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 4 bf 2008-12-16 04:40:05 UTC
Revise the patch to include the necessary changes from "ports/129353:
security/tor-devel doesn't run after upgrade", by Peter's request (he is
away for a week or two, and can't fix it himself right now).

b.


      
Comment 5 Peter Thoenen 2008-12-16 07:31:35 UTC
Approved
Comment 6 Martin Wilke freebsd_committer freebsd_triage 2008-12-22 21:05:17 UTC
State Changed
From-To: feedback->closed

Committed. Thanks!