Hello community,

here is the log from the commit of package tor.2936 for openSUSE:13.1:Update checked in at 2014-08-11 09:45:19

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.1:Update/tor.2936 (Old)
 and      /work/SRC/openSUSE:13.1:Update/.tor.2936.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "tor.2936"

Changes:
--------

New Changes file:

--- /dev/null	2014-07-24 01:57:42.080040256 +0200
+++ /work/SRC/openSUSE:13.1:Update/.tor.2936.new/tor.changes	2014-08-11 09:45:20.000000000 +0200
@@ -0,0 +1,1971 @@ +------------------------------------------------------------------- +Wed Jul 30 22:52:17 UTC 2014 - [email protected] + +- Tor 0.2.4.23 [bnc#889688] [CVE-2014-5117] + Slows down the risk from guard rotation and backports several + important fixes from the Tor 0.2.5 alpha release series. +- Major features: + - Clients now look at the "usecreatefast" consensus parameter to + decide whether to use CREATE_FAST or CREATE cells for the first hop + of their circuit. This approach can improve security on connections + where Tor's circuit handshake is stronger than the available TLS + connection security levels, but the tradeoff is more computational + load on guard relays. + - Make the number of entry guards configurable via a new + NumEntryGuards consensus parameter, and the number of directory + guards configurable via a new NumDirectoryGuards consensus + parameter. +- Major bugfixes: + - Fix a bug in the bounds-checking in the 32-bit curve25519-donna + implementation that caused incorrect results on 32-bit + implementations when certain malformed inputs were used along with + a small class of private ntor keys. +- Minor bugfixes: + - Warn and drop the circuit if we receive an inbound 'relay early' + cell. + - Correct a confusing error message when trying to extend a circuit + via the control protocol but we don't know a descriptor or + microdescriptor for one of the specified relays. + - Avoid an illegal read from stack when initializing the TLS module + using a version of OpenSSL without all of the ciphers used by the + v2 link handshake. + +------------------------------------------------------------------- +Mon May 19 22:06:52 UTC 2014 - [email protected] + +- tor 0.2.4.22 [bnc#878486] + Tor was updated to the recommended version of the 0.2.4.x series. 
+- major features in 0.2.4.x: + - improved client resilience + - support better link encryption with forward secrecy + - new NTor circuit handshake + - change relay queue for circuit create requests from size-based + limit to time-based limit + - many bug fixes and minor features +- changes contained in 0.2.4.22: + Backports numerous high-priority fixes. These include blocking + all authority signing keys that may have been affected by the + OpenSSL "heartbleed" bug, choosing a far more secure set of TLS + ciphersuites by default, closing a couple of memory leaks that + could be used to run a target relay out of RAM. + - Major features (security) + - Block authority signing keys that were used on authorities + vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). + - Major bugfixes (security, OOM): + - Fix a memory leak that could occur if a microdescriptor parse + fails during the tokenizing step. + - Major bugfixes (TLS cipher selection): + - The relay ciphersuite list is now generated automatically based + on uniform criteria, and includes all OpenSSL ciphersuites with + acceptable strength and forward secrecy. + - Relays now trust themselves to have a better view than clients + of which TLS ciphersuites are better than others. + - Clients now try to advertise the same list of ciphersuites as + Firefox 28. +- includes changes from 0.2.4.21: + Further improves security against potential adversaries who find + breaking 1024-bit crypto doable, and backports several stability + and robustness patches from the 0.2.5 branch. + - Major features (client security): + - When we choose a path for a 3-hop circuit, make sure it contains + at least one relay that supports the NTor circuit extension + handshake. Otherwise, there is a chance that we're building + a circuit that's worth attacking by an adversary who finds + breaking 1024-bit crypto doable, and that chance changes the game + theory. 
+ - Major bugfixes: + - Do not treat streams that fail with reason + END_STREAM_REASON_INTERNAL as indicating a definite circuit failure, + since it could also indicate an ENETUNREACH connection error +- includes changes from 0.2.4.20: + - Do not allow OpenSSL engines to replace the PRNG, even when + HardwareAccel is set. + - Fix assertion failure when AutomapHostsOnResolve yields an IPv6 + address. + - Avoid launching spurious extra circuits when a stream is pending. +- packaging changes: + - remove init script shadowing systemd unit + - general cleanup + - Add tor-fw-helper for UPnP port forwarding; not used by default + - fix logrotate on systemd-only setups without init scripts, + work tor-0.2.2.37-logrotate.patch to tor-0.2.4.x-logrotate.patch + - verify source tarball signature + +------------------------------------------------------------------- +Mon Jan 20 20:55:12 UTC 2014 - [email protected] + +- fixes potentially poor random number generation for users who + 1) use OpenSSL 1.0.0 or later, + 2) set "HardwareAccel 1" in their torrc file, + 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors + and + 4) have no state file in their DataDirectory (as would happen on + first start). + Users who generated relay or hidden service identity keys in such + a situation should discard them and generate new ones. + No 2 is not the default configuration for openSUSE. 
+ [bnc#859421] [CVE-2013-7295] +- added patches: + * tor-0.2.3.x-CVE-2013-7295.patch + +------------------------------------------------------------------- +Tue Nov 27 21:46:02 UTC 2012 - [email protected] + +- update to 0.2.3.25, the first stable release in the 0.2.3 branch + + significantly reduced directory overhead (via microdescriptors) + + enormous crypto performance improvements for fast relays on new + enough hardware + + new v3 TLS handshake protocol that can better resist + fingerprinting + + support for protocol obfuscation plugins (pluggable transports) + + better scalability for hidden services + + IPv6 support for bridges + + performance improvements + + new "stream isolation" design to isolate different applications + on different circuits + + many stability, security, and privacy fixes + + Complete list of changes enumerated in: + https://lists.torproject.org/pipermail/tor-talk/2012-November/026554.html + https://gitweb.torproject.org/tor.git/blob/267c0e5aa14deeb2ca0d7997b4ef5a5c2bbf5fd4:/ReleaseNotes + + Tear down the circuit when receiving an unexpected SENDME cell. + [bnc#791374] CVE-2012-5573 +- build using --enable-bufferevents provided by Libevent 2.0.13 + +------------------------------------------------------------------- +Tue Nov 20 09:07:23 UTC 2012 - [email protected] + +- Fix useradd invocation: -o is useless without -u and newer + versions of pwdutils/shadowutils fail on this now. + +------------------------------------------------------------------- +Sat Sep 15 14:08:49 UTC 2012 - [email protected] + +- update to 0.2.2.39 [bnc#780620] + Changes in version 0.2.2.39 - 2012-09-11 + Tor 0.2.2.39 fixes two more opportunities for remotely triggerable + assertions. + + o Security fixes: + - Fix an assertion failure in tor_timegm() that could be triggered + by a badly formatted directory object. + CVE-2012-4922 + - Do not crash when comparing an address with port value 0 to an + address policy. 
This bug could have been used to cause a remote + assertion failure by or against directory authorities, or to + allow some applications to crash clients. + CVE-2012-4419 + +------------------------------------------------------------------- +Mon Aug 20 19:11:57 UTC 2012 - [email protected] + +- update to 0.2.2.38 [bnc#776642] + Changes in version 0.2.2.38 - 2012-08-12 + Tor 0.2.2.38 fixes a rare race condition that can crash exit relays; + fixes a remotely triggerable crash bug; and fixes a timing attack that + could in theory leak path information. + o Security fixes: + - Avoid read-from-freed-memory and double-free bugs that could occur + when a DNS request fails while launching it. + CVE-2012-3517 + - Avoid an uninitialized memory read when reading a vote or consensus + document that has an unrecognized flavor name. This read could + lead to a remote crash bug. + CVE-2012-3518 + - Try to leak less information about what relays a client is + choosing to a side-channel attacker. Previously, a Tor client would + stop iterating through the list of available relays as soon as it + had chosen one, thus finishing a little earlier when it picked + a router earlier in the list. If an attacker can recover this + timing information (nontrivial but not proven to be impossible), + they could learn some coarse-grained information about which relays + a client was picking (middle nodes in particular are likelier to + be affected than exits). The timing attack might be mitigated by + other factors, but it's best not to take chances. 
+ CVE-2012-3519 + +------------------------------------------------------------------- +Fri Jun 15 19:45:01 UTC 2012 - [email protected] + +- add tor-0.2.2.37-logrotate.patch : add su option to logrotate to + fix W: suse-logrotate-user-writable-log-dir in Factory + +------------------------------------------------------------------- +Wed Jun 13 11:22:11 UTC 2012 - [email protected] + +- update to 0.2.2.37 + Changes in version 0.2.2.37 - 2012-06-06 + Tor 0.2.2.37 introduces a workaround for a critical renegotiation ++++ 1774 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.tor.2936.new/tor.changes New: ---- tor-0.2.4.23.tar.gz tor-0.2.4.23.tar.gz.asc tor-0.2.4.x-logrotate.patch tor.changes tor.keyring tor.service tor.spec tor.tmpfiles ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tor.spec ++++++ # # spec file for package tor # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. 
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

%define with_bufferevents 0%{?suse_version} > 1220
%define with_systemd 0%{?suse_version} > 1140
%define with_upnp 0%{?suse_version} >= 1220
%define toruser %{name}
%define torgroup %{name}
%define home_dir %{_localstatedir}/lib/empty

Name:           tor
Version:        0.2.4.23
Release:        0
Summary:        Anonymizing overlay network for TCP (The onion router)
License:        BSD-3-Clause
Group:          Productivity/Networking/Security
Url:            https://www.torproject.org/
Source0:        https://www.torproject.org/dist/%{name}-%{version}.tar.gz
Source1:        https://www.torproject.org/dist/%{name}-%{version}.tar.gz.asc
# https://www.torproject.org/docs/signing-keys.html.en
Source2:        tor.keyring
Source3:        tor.service
Source4:        tor.tmpfiles
Patch0:         tor-0.2.4.x-logrotate.patch
%if %{with_upnp}
BuildRequires:  libminiupnpc-devel
%endif
BuildRequires:  openssl-devel
BuildRequires:  pwdutils
Requires:       logrotate
PreReq(post):   %fillup_prereq
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
#
%if %{with_bufferevents}
BuildRequires:  pkgconfig(libevent) >= 2.0.13
%endif # with_bufferevents
# 0-prefixed like the other tests, so the expression still parses when suse_version is undefined
%if 0%{?suse_version} > 1210
BuildRequires:  pkgconfig(libevent)
%else
BuildRequires:  libevent-devel
%endif
%if 0%{?with_systemd}
BuildRequires:  pkgconfig(systemd)
%{?systemd_requires}
%endif
#

%description
Tor is a connection-based low-latency anonymous communication system.

This package provides the "tor" program, which serves as both a client
and a relay node. Scripts will automatically create a "%{toruser}" user
and a "%{torgroup}" group, and set tor up to run as a daemon when the
system is rebooted.

Applications connect to the local Tor proxy using the SOCKS protocol. The
tor client chooses a path through a set of relays, in which each relay
knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each relay, which reveals
the downstream relay.

Warnings: Tor does no protocol cleaning. That means there is a danger
that application protocols and associated programs can be induced to
reveal information about the initiator. Tor depends on Privoxy or similar
protocol cleaners to solve this problem.

This is alpha code, and is even more likely than released code to have
anonymity-spoiling bugs. The present network is small -- this further
reduces the strength of the anonymity provided. Tor is not presently
suitable for high-stakes anonymity.

%prep
%setup -q
%patch0 -p1

%build
%configure \
	--with-tor-user=%{toruser} \
	--with-tor-group=%{torgroup} \
%if %{with_upnp}
	--enable-upnp \
%endif
%if %{with_bufferevents}
	--enable-bufferevents \
%endif
	--docdir=%{_docdir}/%{name}
make %{?_smp_mflags}

%install
make DESTDIR=%{buildroot} install %{?_smp_mflags}
# missing dirs
# note: the tmp directory created here is not listed in the files section below
install -d -m 700 \
	%{buildroot}%{_localstatedir}/lib/%{name} \
	%{buildroot}%{_localstatedir}/tmp/%{name}
install -d -m 755 \
	%{buildroot}%{_localstatedir}/run/%{name} \
	%{buildroot}%{_localstatedir}/log/%{name} \
	%{buildroot}/%{_sbindir}
%if 0%{?with_systemd}
install -m 644 -D %{SOURCE3} %{buildroot}/%{_unitdir}/%{name}.service
install -d -m 0755 %{buildroot}%{_libexecdir}/tmpfiles.d/
install -m 0644 %{SOURCE4} %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf
ln -s -f service %{buildroot}%{_sbindir}/rc%{name}
%else
# init script
install -D -m 755 contrib/suse/tor.sh %{buildroot}/%{_initddir}/%{name}
ln -s -f ../..%{_initddir}/%{name} %{buildroot}%{_sbindir}/rc%{name}
%endif
# control script
install -p -m 755 contrib/torctl %{buildroot}/%{_bindir}
# sample config file
install -p -m 644 src/config/torrc.sample %{buildroot}/%{_sysconfdir}/%{name}/torrc.sample
# logrotate conf (upstream uses the _tor user; the patched "su" line relies on this rewrite too)
sed -i -e "s|_tor|tor|g" contrib/tor.logrotate
install -D -m 644 contrib/tor.logrotate %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}

%pre
getent group %{torgroup} >/dev/null || groupadd -r %{torgroup}
getent passwd %{toruser} >/dev/null || useradd -r -g %{torgroup} -d %{home_dir} -s /sbin/false -c "User to run %{name}" %{toruser}
%if 0%{?with_systemd}
%service_add_pre tor.service
%endif

%post
%if 0%{?with_systemd}
%fillup_only
%service_add_post tor.service
systemd-tmpfiles --create %{_libexecdir}/tmpfiles.d/tor.conf
%else
%fillup_and_insserv tor
%endif

%preun
%if 0%{?with_systemd}
%service_del_preun tor.service
%else
%stop_on_removal tor
%endif

%postun
%if 0%{?with_systemd}
%service_del_postun tor.service
%else
%insserv_cleanup
%restart_on_update tor
%endif

%files
%defattr(-,root,root)
%doc LICENSE README ChangeLog doc/HACKING doc/*.html
%doc %{_mandir}/man*/*
%{_bindir}/%{name}
%{_bindir}/%{name}ctl
%{_bindir}/%{name}ify
%{_bindir}/%{name}-gencert
%{_bindir}/%{name}-resolve
%if %{with_upnp}
%{_bindir}/%{name}-fw-helper
%endif
%dir %{_datadir}/%{name}
%{_datadir}/%{name}/geoip*
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}
%dir %attr(0755,root,%{torgroup}) %{_sysconfdir}/%{name}
%config(noreplace) %attr(0644,root,%{torgroup}) %{_sysconfdir}/%{name}/*
%attr(0700,%{toruser},%{torgroup}) %dir %{_localstatedir}/lib/%{name}
# tor.tmpfiles (Source4) recreates this directory at boot as 0755 tor tor, not 0750; keep the two in sync
%ghost %attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/run/%{name}
%attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/log/%{name}
%if 0%{?with_systemd}
%{_unitdir}/%{name}.service
%{_libexecdir}/tmpfiles.d/%{name}.conf
%else
%config %{_initddir}/%{name}
%endif
%{_sbindir}/rc%{name}

%changelog

++++++ tor-0.2.4.x-logrotate.patch ++++++
From: Andreas Stieger <[email protected]> Subject: openSUSE specific logrotate fixes Date: Sun, 18 May 2014 00:10:32 +0100 Upstream: no References: * add su to logrotate config to fix W: suse-logrotate-user-writable-log-dir * use "service tor" instead of "/etc/init.d/tor" to reload after logrotate to fix logrotate on systemd-only setups without init script (by seife) --- contrib/tor.logrotate.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Index: tor-0.2.4.22/contrib/tor.logrotate.in =================================================================== --- tor-0.2.4.22.orig/contrib/tor.logrotate.in 2013-01-16 06:47:59.000000000 +0000 +++ tor-0.2.4.22/contrib/tor.logrotate.in 2014-05-18 00:09:09.000000000 +0100 @@ -7,8 +7,9 @@ notifempty # you may need to change the username/groupname below create 0640 _tor _tor + su _tor _tor sharedscripts postrotate - /etc/init.d/tor reload > /dev/null + /usr/sbin/service tor reload > /dev/null endscript } ++++++ tor.keyring ++++++ ++++ 3019 lines (skipped) ++++++ tor.service ++++++ [Unit] Description = Anonymizing overlay network for TCP After = syslog.target network.target nss-lookup.target [Service] Type=forking ExecStart=/usr/bin/torctl start ExecReload=/usr/bin/torctl reload ExecStop=/usr/bin/torctl stop TimeoutSec=30 Restart=on-failure LimitNOFILE=32768 [Install] WantedBy=multi-user.target ++++++ tor.tmpfiles ++++++ D /var/run/tor 0755 tor tor - -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
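Review bot: the `+ su _tor _tor` line this hunk adds needs a logrotate that understands the `su` directive (3.8.0 and later), but the spec only says `Requires: logrotate` with no version bound, so an older logrotate would report the directive as unknown and skip the tor config altogether; add `Requires: logrotate >= 3.8.0` next to the patch. Also worth a sentence in the patch header: both `create 0640 _tor _tor` and the new `su _tor _tor` keep upstream's `_tor` names and only match the packaged `tor` user because the spec's install step later runs `sed -i -e "s|_tor|tor|g" contrib/tor.logrotate`; if that sed ever goes away, `su` would make logrotate try to switch to a nonexistent user and rotation would stop.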
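The spec's files section, the tor.tmpfiles line and the patched logrotate stanza each state who owns /var/run/tor and /var/log/tor and with what mode, and they do not fully agree: the spec ghosts /var/run/tor as 0750 tor:tor while tor.tmpfiles recreates it at boot as 0755. The audit below is an added example, not part of this commit and not Tor project or openSUSE packaging code. It expands the spec macros with a hand-made macro table (an assumption standing in for rpm's real macro set), parses the three fragments copied from the log, and reports every mismatch; the `/var/log/tor/*log` glob line of the logrotate stanza is likewise assumed, because the patch context does not show it.

```python
"""Audit owner/mode consistency across a spec %files body, a tmpfiles.d line
and a logrotate stanza. Added example, not openSUSE or Tor project code;
MACROS and the /var/log/tor/*log glob line are assumptions, the rest is
copied from tor.spec, tor.tmpfiles and the logrotate patch in the log."""
import os
import re

MACROS = {"name": "tor", "toruser": "tor", "torgroup": "tor", "_sysconfdir": "/etc",
          "_localstatedir": "/var", "_libexecdir": "/usr/lib"}  # assumed subset of rpm's
SPEC_FILES = """\
%defattr(-,root,root)
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}
%dir %attr(0755,root,%{torgroup}) %{_sysconfdir}/%{name}
%attr(0700,%{toruser},%{torgroup}) %dir %{_localstatedir}/lib/%{name}
%ghost %attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/run/%{name}
%attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/log/%{name}
%{_libexecdir}/tmpfiles.d/%{name}.conf
"""
TMPFILES = "D /var/run/tor 0755 tor tor -\n"
LOGROTATE_BEFORE = """\
/var/log/tor/*log {
    create 0640 _tor _tor
    postrotate
        /etc/init.d/tor reload > /dev/null
    endscript
}
"""
# What ships after the openSUSE patch plus the spec's sed -e "s|_tor|tor|g".
LOGROTATE_AFTER = LOGROTATE_BEFORE.replace("_tor", "tor").replace(
    "    postrotate", "    su tor tor\n    postrotate").replace("/etc/init.d/", "/usr/sbin/service ")

MACRO_RE = re.compile(r"%\{(\w+)\}")
ATTR_RE = re.compile(r"%(?:def)?attr\(\s*([^,]*),\s*([^,]*),\s*([^,)]*)")
FMT = "{mode} {user}:{group}".format_map  # "0750 tor:tor" for an entry dict

def expand(text, macros, depth=10):
    """Expand %{name}-style macros, recursing because a value may itself hold macros."""
    new = MACRO_RE.sub(lambda m: macros.get(m.group(1), m.group(0)), text)
    return new if new == text or depth == 0 else expand(new, macros, depth - 1)

def parse_files(section, macros):
    """Map each path of a %files body to its mode and owner (None mode = default)."""
    out, owner = {}, ("root", "root")
    for line in (expand(l.strip(), macros) for l in section.splitlines()):
        if not line or line.startswith(("%if", "%else", "%endif", "%doc")):
            continue
        m = ATTR_RE.search(line)
        if line.startswith("%defattr"):  # only changes the default owner
            owner = (m.group(2).strip(), m.group(3).strip())
            continue
        mode, user, group = (s.strip() for s in m.groups()) if m else ("-", *owner)
        out[line.split()[-1]] = {"mode": None if mode == "-" else mode, "user": user, "group": group}
    return out

def parse_tmpfiles(text):
    """tmpfiles.d(5) columns: Type Path Mode User Group Age [Argument]; '-' means default."""
    out = {}
    for f in (l.split() + ["-"] * 5 for l in text.splitlines()):
        if f[0] != "-" and not f[0].startswith("#"):
            user, group = (x if x != "-" else "root" for x in f[3:5])
            out[f[1]] = {"mode": None if f[2] == "-" else f[2], "user": user, "group": group}
    return out

def parse_logrotate(text):
    """Pull the directives the audit needs out of one logrotate stanza."""
    cfg, in_post = {"logs": [], "create": None, "su": None, "postrotate": []}, False
    for t in (l.strip() for l in text.splitlines()):
        f = t.split()
        if t.endswith("{"):
            cfg["logs"] += f[:-1]
        elif t in ("postrotate", "endscript"):
            in_post = t == "postrotate"
        elif in_post and t:
            cfg["postrotate"].append(t)
        elif f and f[0] in ("create", "su"):
            cfg[f[0]] = tuple(f[1:])
    return cfg

def audit(spec, tmpfiles, lr):
    """Return human-readable mismatches; an empty list means the three sources agree."""
    out = []
    for path, tf in tmpfiles.items():  # boot-time recreation must match %files
        sp = spec.get(path)
        if (sp is None or int(sp["mode"] or "0", 8) != int(tf["mode"] or "0", 8)
                or (sp["user"], sp["group"]) != (tf["user"], tf["group"])):
            out.append(f"{path}: %files {FMT(sp) if sp else 'absent'} vs tmpfiles {FMT(tf)}")
    for log in lr["logs"]:  # rotation must run as the log directory's owner
        sp = spec.get(os.path.dirname(log))
        if sp is None:
            continue
        owner = (sp["user"], sp["group"])
        if owner != ("root", "root") and not lr["su"]:
            out.append(f"{log}: dir owned by {FMT(sp)} but no 'su' line")
        if lr["create"] and lr["create"][1:] != owner:
            out.append(f"{log}: create owner {lr['create'][1:]} != dir owner {owner}")
    for cmd in lr["postrotate"]:  # SysV paths break systemd-only hosts
        if cmd.startswith("/etc/init.d/"):
            out.append(f"postrotate hardcodes a SysV script: {cmd}")
    return out
```

Running audit() over the packaged stanza (LOGROTATE_AFTER) leaves exactly one finding, the 0750-versus-0755 disagreement on /var/run/tor; running it over the unpatched upstream stanza adds the missing `su` line, the `_tor` owner that the spec's sed rewrites, and the `/etc/init.d/` reload path that the patch replaces with `service`. The macro expander is deliberately minimal (only `%{name}` forms, no conditionals); for a real package the same checks would be fed the output of `rpmspec -P`.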
