svn commit: r374532 - in head/security: tor tor-devel tor-devel/files tor/files
Brendan Fabeny
bf at FreeBSD.org
Thu Dec 11 13:57:33 UTC 2014
Author: bf
Date: Thu Dec 11 13:57:31 2014
New Revision: 374532
URL: https://svnweb.freebsd.org/changeset/ports/374532
QAT: https://qat.redports.org/buildarchive/r374532/
Log:
Warn about a vulnerability in the default configuration
PR: 195828
Modified:
head/security/tor-devel/Makefile
head/security/tor-devel/files/pkg-message.in
head/security/tor/Makefile
head/security/tor/files/pkg-message.in
Modified: head/security/tor-devel/Makefile
==============================================================================
--- head/security/tor-devel/Makefile Thu Dec 11 13:55:46 2014 (r374531)
+++ head/security/tor-devel/Makefile Thu Dec 11 13:57:31 2014 (r374532)
@@ -3,6 +3,7 @@
PORTNAME= tor
DISTVERSION= 0.2.6.1-alpha
+PORTREVISION= 1
CATEGORIES= security net ipv6
MASTER_SITES= TOR
PKGNAMESUFFIX= -devel
Modified: head/security/tor-devel/files/pkg-message.in
==============================================================================
--- head/security/tor-devel/files/pkg-message.in Thu Dec 11 13:55:46 2014 (r374531)
+++ head/security/tor-devel/files/pkg-message.in Thu Dec 11 13:57:31 2014 (r374532)
@@ -12,5 +12,8 @@ touch /var/log/tor
chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
chmod -R 700 /var/db/tor
-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
================================================================================
Modified: head/security/tor/Makefile
==============================================================================
--- head/security/tor/Makefile Thu Dec 11 13:55:46 2014 (r374531)
+++ head/security/tor/Makefile Thu Dec 11 13:57:31 2014 (r374532)
@@ -3,6 +3,7 @@
PORTNAME= tor
DISTVERSION= 0.2.5.10
+PORTREVISION= 1
CATEGORIES= security net ipv6
MASTER_SITES= TOR
Modified: head/security/tor/files/pkg-message.in
==============================================================================
--- head/security/tor/files/pkg-message.in Thu Dec 11 13:55:46 2014 (r374531)
+++ head/security/tor/files/pkg-message.in Thu Dec 11 13:57:31 2014 (r374532)
@@ -12,5 +12,8 @@ touch /var/log/tor
chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
chmod -R 700 /var/db/tor
-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
================================================================================
More information about the svn-ports-head
mailing list