-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 08 Jun 2017 20:19:22 +0200 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: source all Version: 0.2.5.14-1 Distribution: jessie-security Urgency: medium Maintainer: Peter Palfrader <weasel@debian.org> Changed-By: Peter Palfrader <weasel@debian.org> Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - GeoIP database for Tor Closes: 864424 Changes: tor (0.2.5.14-1) jessie-security; urgency=medium . * New upstream version, fixing a hidden service related Denial of Service bug: - Fix a remotely triggerable assertion failure caused by receiving a BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix on 0.2.2.1-alpha. (closes: #864424) * The previous release, 0.2.5.13, already incorporates the changes made in Debian's updates of the 0.2.5.12 version. Therefore, drop - debian/patches/tor-bug-20384-TROVE-2016-10-001 - debian/patches/tor-bug-21018-TROVE-2016-12-002-CVE-2016-1254 - debian/patches/update-authority-set Checksums-Sha1: 12a3d1b7f9d69bce58271ecda9fd1f12b51f5520 1761 tor_0.2.5.14-1.dsc f623ab0866a7a9ab881c81f9cbdbea59f821a88d 3685957 tor_0.2.5.14.orig.tar.gz be3484574c906b7cacf00362a4271c66980e70b0 35155 tor_0.2.5.14-1.diff.gz e7b34125211ff9e268b18cb85753208254f9df95 1015592 tor-geoipdb_0.2.5.14-1_all.deb Checksums-Sha256: e6b7f0a197d95764917de7e55d10715ef57f1ffb014df99e04b9a56f8c8324a3 1761 tor_0.2.5.14-1.dsc 114f6925add7ab88ea36aea0229f9b9b7c05971d2316b040b3811350f7f3ff34 3685957 tor_0.2.5.14.orig.tar.gz 47acb67c827a5b6d31441155337b16f25938758d953c863c1a2cf2d654f1d79e 35155 tor_0.2.5.14-1.diff.gz ac4a50ed2d72f144f66a287cc21e8134b6f5e7c8b7cf4ce965d190d7d8f63693 1015592 tor-geoipdb_0.2.5.14-1_all.deb Files: 58bc512b55a7be961fea1722c94214b9 1761 net optional tor_0.2.5.14-1.dsc 388484043ded7963c24d8edddd71bf07 3685957 net optional tor_0.2.5.14.orig.tar.gz 4c7457ad31fff946bc41d9fe20d6dfeb 35155 net optional tor_0.2.5.14-1.diff.gz cd5b6da1102d9d9366a73e6d0d173323 1015592 net extra tor-geoipdb_0.2.5.14-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJZOZ6lAAoJEIYCyCA4cjMft90IAJ4rOtT+39m+KeVoyBTx2A9z xan24457x0P5Jr6zdlpFLyNj9vtC5e4igtPrt/nAqJGRIskMEm3eRUozLkLZuaoL U29SX2BMkqfcvOyRK3CIzS4oQ5IYWMMsfXBlDA6K2o3cU6s+vIuIrjSC55M3lfoE lZxJCOpwzAT86ldX8GsDnkf0jnegpGTNmgONCdLNKHk8FSq9/15WCS8Xdkt6eSOy v2Nxq7sE7WKpBEcFoqNCTIDt2/l/owg8QnCq3PJzeWt0kv6blhbF5y8GBXNHXndo YIDBzjbdcHT3MPLb0MPzJ8/km7ChGJzUnUUE+A+uhxZf/0uNPD+WUc5YW/AxVPk= =FBqb -----END PGP SIGNATURE-----
