On Sun, 03 Jul 2005, Romain Chantereau wrote:
> Package: tor
> Version: 0.0.9.10-1
> Severity: normal
>
> The Tor 0.1.0.10 release from a few days ago includes a fix for a bug
> that might allow an attacker to read arbitrary memory (maybe even keys)
> from an exit server's process space. We haven't heard any reports of
> exploits yet, but hey.
That bug is also fixed in 0.0.9.10.
> Another thing is that the new version allow to use HTTP and HTTPS proxy in
> order
> to access to the Internet.
>
> This is a major and important functionality.
>
> Please upgrade the tor package.
I'm just waitinf for 0.0.9.10 to reach sarge. I already have packages
(and had for months) for the 0.1.0.x tree and will upload them shortly.
--
PGP signed and encrypted | .''`. ** Debian GNU/Linux **
messages preferred. | : :' : The universal
| `. `' Operating System
http://www.palfrader.org/ | `- http://www.debian.org/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
