Hello community, here is the log from the commit of package tor for openSUSE:Factory checked in at 2017-05-20 10:13:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tor (Old) and /work/SRC/openSUSE:Factory/.tor.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tor" Sat May 20 10:13:27 2017 rev:54 rq:495128 version:0.3.0.7 Changes: -------- --- /work/SRC/openSUSE:Factory/tor/tor.changes 2017-04-28 09:14:17.341742448 +0200 +++ /work/SRC/openSUSE:Factory/.tor.new/tor.changes 2017-05-20 10:13:30.229234944 +0200 @@ -1,0 +2,16 @@ +Tue May 16 00:26:43 UTC 2017 - [email protected] + +- tor 0.3.0.7: + * Fix an assertion failure in the hidden service directory code, + which could be used by an attacker to remotely cause a Tor + relay process to exit. TROVE-2017-002 bsc#1039211 + * Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + * Tor no longer refuses to download microdescriptors or + descriptors if they are listed as "published in the future" + * The getpid() system call is now permitted under the Linux + seccomp2 sandbox, to avoid crashing with versions of OpenSSL + (and other libraries) that attempt to learn the process's PID + by using the syscall rather than the VDSO code + +------------------------------------------------------------------- Old: ---- tor-0.3.0.6.tar.gz tor-0.3.0.6.tar.gz.asc New: ---- tor-0.3.0.7.tar.gz tor-0.3.0.7.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tor.spec ++++++ --- /var/tmp/diff_new_pack.xBRpMt/_old 2017-05-20 10:13:30.981128708 +0200 +++ /var/tmp/diff_new_pack.xBRpMt/_new 2017-05-20 10:13:30.985128143 +0200 @@ -20,7 +20,7 @@ %define torgroup %{name} %define home_dir %{_localstatedir}/lib/empty Name: tor -Version: 0.3.0.6 +Version: 0.3.0.7 Release: 0 Summary: Anonymizing overlay network for TCP (The onion router) License: BSD-3-Clause ++++++ tor-0.3.0.6.tar.gz -> tor-0.3.0.7.tar.gz ++++++ ++++ 13886 lines of diff (skipped)
