Bug 220373 - security/tor: update to version 0.3.0.9 (security: CVE-2017-0377)
Summary: security/tor: update to version 0.3.0.9 (security: CVE-2017-0377)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dmitry Marakasov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-06-29 22:48 UTC by nusenu
Modified: 2017-06-30 11:50 UTC (History)
1 user (show)

See Also:
amdmi3: maintainer-feedback+


Attachments
patch (1.14 KB, patch)
2017-06-29 23:23 UTC, Yuri Victorovich
yuri: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description nusenu 2017-06-29 22:48:58 UTC
This update fixes a problem in path selection where a tor client uses
multiple relays from a single operator.

https://dist.torproject.org/tor-0.3.0.9.tar.gz

https://trac.torproject.org/projects/tor/ticket/22753#comment:3
Comment 1 Yuri Victorovich freebsd_committer 2017-06-29 23:23:52 UTC
Created attachment 183928 [details]
patch

Builds in poudriere.

Also added USES=pkgconfig
Comment 2 commit-hook freebsd_committer 2017-06-30 11:40:09 UTC
A commit references this bug:

Author: amdmi3
Date: Fri Jun 30 11:39:52 UTC 2017
New revision: 444708
URL: https://svnweb.freebsd.org/changeset/ports/444708

Log:
  - Update to 0.3.0.9

  PR:		220373
  Submitted by:	yuri@rawbw.com (maintainer)
  Security:	CVE-2017-0377

Changes:
  head/security/tor/Makefile
  head/security/tor/distinfo
Comment 3 Dmitry Marakasov freebsd_committer 2017-06-30 11:50:58 UTC
Not doing a MFH because 2017Q2 will be replaces in a few hours-days.