ports/123664: [PATCH]security/tor-devel: update to 0.2.0.26-rc
bf
bf2006a at yahoo.com
Wed May 14 08:20:03 UTC 2008
>Number: 123664
>Category: ports
>Synopsis: [PATCH]security/tor-devel: update to 0.2.0.26-rc
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed May 14 08:20:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: bf
>Release: 7-STABLE i386
>Organization:
-
>Environment:
>Description:
This update fixes a serious security problem, and a vuxml entry should be added detailing the vulnerability.
The ChangeLog in the distfile describes the problem: basically, three major directory authorities used vulnerable SSL keys that have been compromised, and the update contains a means of working around this problem, and of dealing with similar problems in the future.
All users should upgrade as soon as possible.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ruN tor-devel.orig/Makefile tor-devel/Makefile
--- tor-devel.orig/Makefile 2008-05-14 02:52:37.934754876 -0400
+++ tor-devel/Makefile 2008-05-14 03:37:53.370283973 -0400
@@ -6,7 +6,7 @@
#
PORTNAME= tor
-DISTVERSION= 0.2.0.25-rc
+DISTVERSION= 0.2.0.26-rc
CATEGORIES= security net
MASTER_SITES= http://www.torproject.org/dist/ \
http://mirror.onionland.org/dist/
diff -ruN tor-devel.orig/distinfo tor-devel/distinfo
--- tor-devel.orig/distinfo 2008-05-14 02:52:37.934754876 -0400
+++ tor-devel/distinfo 2008-05-14 03:37:53.370283973 -0400
@@ -1,3 +1,3 @@
-MD5 (tor-0.2.0.25-rc.tar.gz) = c9fa4f72a1f890f55a54d52f946688dd
-SHA256 (tor-0.2.0.25-rc.tar.gz) = 34533a925894b9bb33aeb6e93b6a4a00c4a025b23f3f90f6c691e7ba7e3d4e87
-SIZE (tor-0.2.0.25-rc.tar.gz) = 1544463
+MD5 (tor-0.2.0.26-rc.tar.gz) = aa1179fab4dc69a10278e70729681053
+SHA256 (tor-0.2.0.26-rc.tar.gz) = 11b1e091da329c2a447f1bda85d79f9493968dfc463f039401324de8237e7369
+SIZE (tor-0.2.0.26-rc.tar.gz) = 1558724
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list