svn commit: r374532 - in head/security: tor tor-devel tor-devel/files tor/files

Brendan Fabeny bf at FreeBSD.org
Thu Dec 11 13:57:33 UTC 2014 

Author: bf
Date: Thu Dec 11 13:57:31 2014
New Revision: 374532
URL: https://svnweb.freebsd.org/changeset/ports/374532
QAT: https://qat.redports.org/buildarchive/r374532/

Log:
  Warn about a vulnerability in the default configuration
  
  PR:		195828

Modified:
  head/security/tor-devel/Makefile
  head/security/tor-devel/files/pkg-message.in
  head/security/tor/Makefile
  head/security/tor/files/pkg-message.in

Modified: head/security/tor-devel/Makefile
==============================================================================
--- head/security/tor-devel/Makefile	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor-devel/Makefile	Thu Dec 11 13:57:31 2014	(r374532)
@@ -3,6 +3,7 @@
 
 PORTNAME=	tor
 DISTVERSION=	0.2.6.1-alpha
+PORTREVISION=	1
 CATEGORIES=	security net ipv6
 MASTER_SITES=	TOR
 PKGNAMESUFFIX=	-devel

Modified: head/security/tor-devel/files/pkg-message.in
==============================================================================
--- head/security/tor-devel/files/pkg-message.in	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor-devel/files/pkg-message.in	Thu Dec 11 13:57:31 2014	(r374532)
@@ -12,5 +12,8 @@ touch /var/log/tor
 chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
 chmod -R 700 /var/db/tor
 
-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
 ================================================================================

Modified: head/security/tor/Makefile
==============================================================================
--- head/security/tor/Makefile	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor/Makefile	Thu Dec 11 13:57:31 2014	(r374532)
@@ -3,6 +3,7 @@
 
 PORTNAME=	tor
 DISTVERSION=	0.2.5.10
+PORTREVISION=	1
 CATEGORIES=	security net ipv6
 MASTER_SITES=	TOR
 

Modified: head/security/tor/files/pkg-message.in
==============================================================================
--- head/security/tor/files/pkg-message.in	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor/files/pkg-message.in	Thu Dec 11 13:57:31 2014	(r374532)
@@ -12,5 +12,8 @@ touch /var/log/tor
 chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
 chmod -R 700 /var/db/tor
 
-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
 ================================================================================

More information about the svn-ports-head mailing list