Hello community, here is the log from the commit of package tor for openSUSE:Leap:15.2 checked in at 2020-03-21 16:46:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/tor (Old) and /work/SRC/openSUSE:Leap:15.2/.tor.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tor" Sat Mar 21 16:46:49 2020 rev:24 rq:786984 version:0.4.2.7 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/tor/tor.changes 2020-02-04 17:59:30.992933909 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.tor.new.3160/tor.changes 2020-03-21 16:48:08.493689215 +0100 @@ -1,0 +2,9 @@ +Wed Mar 18 20:52:20 UTC 2020 - Bernhard Wiedemann <[email protected]> + +- tor 0.4.2.7 + * CVE-2020-10592: CPU consumption DoS and timing patterns (boo#1167013) + * CVE-2020-10593: circuit padding memory leak (boo#1167014) + * Directory authorities now signal bandwidth pressure to clients + * Avoid excess logging on bug when flushing a buffer to a TLS connection + +------------------------------------------------------------------- Old: ---- tor-0.4.2.6.tar.gz tor-0.4.2.6.tar.gz.asc New: ---- tor-0.4.2.7.tar.gz tor-0.4.2.7.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tor.spec ++++++ --- /var/tmp/diff_new_pack.s6D5pQ/_old 2020-03-21 16:48:09.033689556 +0100 +++ /var/tmp/diff_new_pack.s6D5pQ/_new 2020-03-21 16:48:09.037689559 +0100 @@ -20,7 +20,7 @@ %define torgroup %{name} %define home_dir %{_localstatedir}/lib/empty Name: tor -Version: 0.4.2.6 +Version: 0.4.2.7 Release: 0 Summary: Anonymizing overlay network for TCP (The onion router) License: BSD-3-Clause ++++++ tor-0.4.2.6.tar.gz -> tor-0.4.2.7.tar.gz ++++++ /work/SRC/openSUSE:Leap:15.2/tor/tor-0.4.2.6.tar.gz /work/SRC/openSUSE:Leap:15.2/.tor.new.3160/tor-0.4.2.7.tar.gz differ: char 13, line 1
