From patchwork Sat Dec 30 14:35:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 7418 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4T2Pv12gkvz3wtx for ; Sat, 30 Dec 2023 14:36:13 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4T2Ptz6nlXzyQ; Sat, 30 Dec 2023 14:36:11 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4T2Ptz4CsFz32WP; Sat, 30 Dec 2023 14:36:11 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4T2Ptx73vNz2yX3 for ; Sat, 30 Dec 2023 14:36:09 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4T2Ptq1Q0RzF8 for ; Sat, 30 Dec 2023 14:36:02 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1703946963; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6Ii9fFOhjpsvWcg/ia7RGMFdNSeJxJSZrTjeif+hNUM=; b=XNcxYEFlfFqAmKRmjfp2xNehxvHRb+hx3vJR9Sklp3A3Mhi+4QnS/rfBnj7Ged3SpgXT6x pXJfyQXlr4HaP8Bg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1703946963; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6Ii9fFOhjpsvWcg/ia7RGMFdNSeJxJSZrTjeif+hNUM=; b=AYM8iWgUyMnzUmvsgk1OICI+0w3AppNmv+L2jak1V2bck2k60Q3oMQBbGQSJid9xwnfhH8 /SIbKtRlW5BiT2244LTnoQc0VsW4JZa02VVZWfH8W2PdEf4KuhmRBFkpBnBOYCNsM8IIhJ VsrQxZ5eQHQIgmxx5D+N0rGuT1a/EYFWOepgHzSIlLofnTre3WUuvbFq86bm8p6/RzFAGo p4YWxcoUQqHpIZ3qzU5QGrQ/pmrYt4ypk87I6fgsiwaGcxDKg9Y0fgYjeNb/LIqtR1UXWj xtaCLoY35HIdh+99hbUiAXHzaVinJa/NTEFpFiEgbuJsQXO5qtLhsWwGgFHAUQ== Message-ID: <09595133-e875-4c6a-8d1b-6c62e6ca85ef@ipfire.org> Date: Sat, 30 Dec 2023 14:35:00 +0000 MIME-Version: 1.0 To: "IPFire: Development" From: =?utf-8?q?Peter_M=C3=BCller?= Subject: [PATCH] Tor: Update to 0.4.8.10 Message-ID-Hash: XQAN6LI6CPOIFQWHJJ2EXMFP5WWZR3HN X-Message-ID-Hash: XQAN6LI6CPOIFQWHJJ2EXMFP5WWZR3HN X-MailFrom: peter.mueller@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Changes in version 0.4.8.10 - 2023-12-08 This is a security release fixing a high severity bug (TROVE-2023-007) affecting Exit relays supporting Conflux. We strongly recommend to update as soon as possible. o Major bugfixes (TROVE-2023-007, exit): - Improper error propagation from a safety check in conflux leg linking lead to a desynchronization of which legs were part of a conflux set, ultimately causing a UAF and NULL pointer dereference crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on December 08, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/12/08. o Minor bugfixes (bridges, statistics): - Correctly report statistics for client count over Pluggable transport. Fixes bug 40871; bugfix on 0.4.8.4 Signed-off-by: Peter Müller --- lfs/tor | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/tor b/lfs/tor index cf0ccaf9e..74b738512 100644 --- a/lfs/tor +++ b/lfs/tor @@ -26,7 +26,7 @@ include Config SUMMARY = Anonymizing overlay network for TCP (The onion router) -VER = 0.4.8.9 +VER = 0.4.8.10 THISAPP = tor-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 82 +PAK_VER = 83 DEPS = libseccomp @@ -48,7 +48,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = a2d8cc8e60f162930d64d191af1893cb4060a8d98c16560c9ba30e0a9a0fd9cce2132573ca4db7b8b6e002f127f06b53fc5aea5fb6e8795c10f73671d14d9190 +$(DL_FILE)_BLAKE2 = ef470664d85e019f6cac2366e934d5dc31b8ae92f121a2b4c8c95f8267abce5ce4413d30a24affa40a069d587212364ae5a7c3cd114488e50a535f01c54c6e77 install : $(TARGET)