-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 02 Jun 2010 16:40:16 +0200 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: source all i386 Version: 0.2.1.26-1~lennyvolatile1 Distribution: lenny-volatile Urgency: critical Maintainer: Peter Palfrader <weasel@debian.org> Changed-By: Peter Palfrader <weasel@debian.org> Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Closes: 447508 448001 468566 495829 514579 514580 538960 570197 Changes: tor (0.2.1.26-1~lennyvolatile1) lenny-volatile; urgency=low . * Upload to lenny-volatile. The 0.2.0.x tree in debian stable (lenny) is end-of-lifed by upstream. . These versions still work for now as we have updated the list of authority keys that come with Tor to keep our packages functional. However, there are significant benefits to running a more current version. . If servers that currently run our 0.2.0.x package upgrade to a newer version the network as a whole should become faster. If clients upgrade they should pick smarter paths through the network. . Access to hidden services might be completely broken or at least unreliable for old clients; Updating to the 0.2.1.x tree restores that functionality. . tor (0.2.1.26-1) unstable; urgency=low . * New upstream version. * Remove debian/patches/15_testuite-thread-fixes (merged upstream). * tor.postinst: Stop calling stat(1) with its full path. * Add ${misc:Depends} for all three binary packages because debhelper might want to add stuff. . tor (0.2.1.25-3) unstable; urgency=low . * Minor bugfixes to make the testsuite work on our new Octeon machines: (taken from upstream's maint-0.2.1 branch) - Testsuite: In the util/threads test no longer free the test_mutex before all worker threads have finished. - Testsuite: The master thread could starve the worker threads quite badly on certain systems, causing them to run only partially in the allowed window. This resulted in test failures. Now the master thread sleeps occasionally for a few microseconds while the two worker-threads compete for the mutex. (both in debian/patches/15_testuite-thread-fixes) . tor (0.2.1.25-2) unstable; urgency=low . * In /etc/default/tor also source /etc/default/tor.vidalia if it exists and if vidalia is installed. We do this so that the vidalia package can override some of our settings: People who have vidalia installed might not want to run Tor as a system service. The vidalia .deb can ask them that and then set run-daemon to no. . tor (0.2.1.25-1) unstable; urgency=low . * New upstream version. - Obsoletes patches/15_enable_renegotiation_on_098k. * Change order of recommends from privoxy | polipo to polipo | privoxy. [change done in experimental (0.2.2.x) long ago). . tor (0.2.1.23-2) unstable; urgency=low . * Enable ssl renegotiation also on 0.9.8k (closes: #570197). . tor (0.2.1.23-1) unstable; urgency=low . * New upstream version. - We no longer need to build-depend on a recent libssl-dev because Tor now detects whether we need to explicitly turn on autonegotiation at run-time rather than compile time. Good. (This also means we no longer need to conflict with newer libssls when we built against an old one on backports.) . tor (0.2.1.22-1) unstable; urgency=medium . * New upstream version. - Rotate keys (both v3 identity and relay identity) for moria1 and gabelmoo. [and more] . tor (0.2.1.21-1) unstable; urgency=low . * New upstream version. * Drop patches/ce0a89e2-work-with-reneg-ssl.dpatch (already in upstream). . tor (0.2.1.20-2) unstable; urgency=low . * Pick ce0a89e2624471272ffc4950c5069d9b81a7f0b9 from maint-0.2.1 git tree: - work with libssl that has renegotiation disabled by default. (debian/patches/ce0a89e2-work-with-reneg-ssl.dpatch) * Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against earlier versions we will not work once libssl gets upgraded to a version that disabled renegotiations. . tor (0.2.1.20-1) unstable; urgency=low . * New upstream version. . tor (0.2.1.19-1) unstable; urgency=low . * New upstream version. - Make accessing hidden services on 0.2.1.x work right (closes: #538960). [More items are in the upstream changelog.] . tor (0.2.1.18-1) unstable; urgency=low . * New upstream version. . tor (0.2.1.17-rc-1) experimental; urgency=low . * New upstream version. * Update upstream URL in debian/copyright. . tor (0.2.1.16-rc-1) experimental; urgency=low . * New upstream version. * No longer inform the user if/when we re-create the /var/run/tor directory in the init script. With /var/run on tmpfs this is completely normal now so our message was just noise. * Stop shipping /var/run/tor in the package. * Only clean up permissions of /var/run/tor in postinst if the directory actually exists. * Update Standards-Version from 3.8.0 to 3.8.1. No real changes required, we already support nocheck in DEB_BUILD_OPTIONS since August 2004, and we already create our var/run directory in the init script (tho we now no longer ship it either - see above). * Change debhelper compatibility version from 4 to 5: - Change dh_strip call from --dbg-package=tor to --dbg-package=tor-dbg. - Update versioned build time dependency on debhelper. * Forward port 06_add_compile_time_defaults. . tor (0.2.1.15-rc-1) experimental; urgency=low . * New upstream version. * Change build time dependency on gs to ghostscript. . tor (0.2.1.14-rc-1) experimental; urgency=low . * New upstream version. * Change Section of tor-dbg to debug. . tor (0.2.1.13-alpha-1) experimental; urgency=low . * New upstream version. . tor (0.2.1.12-alpha-1) experimental; urgency=low . * New upstream version, fixing several security relevant bugs: - Avoid a potential crash on exit nodes when processing malformed input. Remote DoS opportunity (closes: #514579). - Fix a temporary DoS vulnerability that could be performed by a directory mirror (closes: #514580). * patches/06_add_compile_time_defaults: Only set the User option in the config if we run as root. Do not set it when run as debian-tor as Tor then always insists on changing users which will fail. (If we run as any other user we don't set our debian defaults anyway.) . tor (0.2.1.11-alpha-1) experimental; urgency=high . * New upstream version: - Fixes a possible remote heap buffer overflow bug. - torify(1) manpage mentions DNS leaks now (closes: #495829). * README.Debian: No longer claim we change the default 'Group' setting when run as debian-user. That setting no longer exists. * Forward port 03_tor_manpage_in_section_8.dpatch. . tor (0.2.1.10-alpha-1) experimental; urgency=low . * New alpha release. * Forward port 03_tor_manpage_in_section_8.dpatch. . tor (0.2.1.9-alpha-1) experimental; urgency=low . * New alpha release. . tor (0.2.1.8-alpha-1) experimental; urgency=low . * New alpha release. . tor (0.2.1.7-alpha-2) experimental; urgency=low . * No longer set now obsolete Group setting in built-in debian config. . tor (0.2.1.7-alpha-1) experimental; urgency=low . * New alpha release. . tor (0.2.1.6-alpha-1) experimental; urgency=low . * New alpha release. * Forward port 14_fix_geoip_warning.dpatch. . tor (0.2.1.5-alpha-1) experimental; urgency=low . * New alpha release. . tor (0.2.1.4-alpha-1) experimental; urgency=low . * New alpha release. * Do not build with openbsd's malloc unless enable-openbsd-malloc is in DEB_BUILD_OPTIONS. . tor (0.2.1.2-alpha-1) experimental; urgency=low . * New alpha release. Checksums-Sha1: 713a716b4376b61edc4a32c140ea6f751433b94d 1228 tor_0.2.1.26-1~lennyvolatile1.dsc 87af7aa658774031d181340848a875e4fd8e27bf 2405749 tor_0.2.1.26.orig.tar.gz da432b58593006853a7824b16ab81a40b52e9276 81887 tor_0.2.1.26-1~lennyvolatile1.diff.gz 11dd8a973dfc7dec82429e40ddd9cfe89719b276 804522 tor-geoipdb_0.2.1.26-1~lennyvolatile1_all.deb 9ec6c3c8fb0406a75a70baa22251c7d776f585a8 1318472 tor_0.2.1.26-1~lennyvolatile1_i386.deb a8f5cac005c2ffdaa71a14a1825e724767397fa6 914498 tor-dbg_0.2.1.26-1~lennyvolatile1_i386.deb Checksums-Sha256: 5768184153002959df2963f4d4467856e543d5c79eff4651cc02b77db2072f18 1228 tor_0.2.1.26-1~lennyvolatile1.dsc 6cdc60ed0b2e3eb790cbf37741a3c86a004f4f7c6678e25b9b936d6a340c7fa2 2405749 tor_0.2.1.26.orig.tar.gz 2162d095ca72c0e7315dc48ebb57a1578e47fb7792e1d9c71bbac58424ade0cd 81887 tor_0.2.1.26-1~lennyvolatile1.diff.gz 830c849a32f43fb62013651a848e03de4f4c7044865b909db26ca89c7cd3ae86 804522 tor-geoipdb_0.2.1.26-1~lennyvolatile1_all.deb b61eaca3ad45a3b61fcd207cbcde4b7b9a5404e51ab949e64adceba3c3017400 1318472 tor_0.2.1.26-1~lennyvolatile1_i386.deb 9d416d41b7a8740158c5ebef71bc3f33da248e3d7c84b718b3f5cbdeda2a69f7 914498 tor-dbg_0.2.1.26-1~lennyvolatile1_i386.deb Files: 4a43dc0aa0f5a283b75c2dc2db13ba3b 1228 comm optional tor_0.2.1.26-1~lennyvolatile1.dsc f7b30a144e1da41aa43f496bd47ffba7 2405749 comm optional tor_0.2.1.26.orig.tar.gz eb56c98166b839838f7e586070b736ee 81887 comm optional tor_0.2.1.26-1~lennyvolatile1.diff.gz fb58aa31f4779848e381933919916cc6 804522 comm extra tor-geoipdb_0.2.1.26-1~lennyvolatile1_all.deb 52665a11785356e025b318fc16bcd6af 1318472 comm optional tor_0.2.1.26-1~lennyvolatile1_i386.deb 1ad941e49f4279a90ce3d2cc4e7253b6 914498 debug extra tor-dbg_0.2.1.26-1~lennyvolatile1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkwGhsAACgkQz/ccs6+kS90JgQCcDv+CcJv1uXBupOLCh4yNye28 SrYAn3AoOlpu9oAqFBvuEo1wWujI+36T =AQYt -----END PGP SIGNATURE----- Accepted: tor-dbg_0.2.1.26-1~lennyvolatile1_i386.deb to pool/volatile/main/t/tor/tor-dbg_0.2.1.26-1~lennyvolatile1_i386.deb tor-geoipdb_0.2.1.26-1~lennyvolatile1_all.deb to pool/volatile/main/t/tor/tor-geoipdb_0.2.1.26-1~lennyvolatile1_all.deb tor_0.2.1.26-1~lennyvolatile1.diff.gz to pool/volatile/main/t/tor/tor_0.2.1.26-1~lennyvolatile1.diff.gz tor_0.2.1.26-1~lennyvolatile1.dsc to pool/volatile/main/t/tor/tor_0.2.1.26-1~lennyvolatile1.dsc tor_0.2.1.26-1~lennyvolatile1_i386.deb to pool/volatile/main/t/tor/tor_0.2.1.26-1~lennyvolatile1_i386.deb tor_0.2.1.26.orig.tar.gz to pool/volatile/main/t/tor/tor_0.2.1.26.orig.tar.gz
