Bug#988634: unblock: tor/0.4.5.8-1
tags -1 - moreinfo On Mon, 17 May 2021, Sebastian Ramacher wrote: > On 2021-05-17 06:53:02 +, Peter Palfrader wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: unblock > > > > I would like to update Tor in bullseye from 0.4.5.7-1 to 0.4.5.8-1. > > Tor 0.4.5.8 is an upstream stable release. > > ACK, please remove the moreinfo tag once the new version is available in > unstable. Thanks! The package has been uploaded to unstable, accepted, built, and installed. For reference, here is the interdiff between the .diff.gz files. diffstat: changelog |6 + micro-revision.i |2 - misc/build-tor-sources | 57 - 3 files changed, 7 insertions(+), 58 deletions(-) Note that debian/misc/build-tor-sources is only used locally in preparing the source package; it is not used when building the Debian binary packages from the Debian source. Cheers, weasel diff -u tor-0.4.5.7/debian/changelog tor-0.4.5.8/debian/changelog --- tor-0.4.5.7/debian/changelog +++ tor-0.4.5.8/debian/changelog @@ -1,3 +1,9 @@ +tor (0.4.5.8-1) unstable; urgency=medium + + * New upstream version. + + -- Peter Palfrader Wed, 19 May 2021 08:51:43 +0200 + tor (0.4.5.7-1) unstable; urgency=high * New upstream version, fixes two security issues: diff -u tor-0.4.5.7/debian/micro-revision.i tor-0.4.5.8/debian/micro-revision.i --- tor-0.4.5.7/debian/micro-revision.i +++ tor-0.4.5.8/debian/micro-revision.i @@ -1 +1 @@ -"db2cbdb54bf4485d" +"e0a924350405684c" diff -u tor-0.4.5.7/debian/misc/build-tor-sources tor-0.4.5.8/debian/misc/build-tor-sources --- tor-0.4.5.7/debian/misc/build-tor-sources +++ tor-0.4.5.8/debian/misc/build-tor-sources @@ -101,13 +101,6 @@ fi } -remove_libzstd() { - if grep -q libzstd-dev debian/control; then - sed -i -e '/^Build-Depends/ s/, *libzstd-dev\( *\[[^]]*\]\)\?//' debian/control - dch --append "Remove libzstd-dev build dependency for backport." - fi -} - remove_runit() { if grep -q dh-runit debian/control; then sed -i -e '/^Build-Depends/ s/, *dh-runit\([^,]*\)\?//' debian/control @@ -121,47 +114,6 @@ sed -i -e '/^Build-Depends/ s/debhelper [^,]*, */debhelper (>= 9.20160114), dh-systemd [linux-any], /' debian/control } -old_debug_pkg() { - # do not mess with debian/control for 0.2.x. packages that already/still have a tor-dbg defined there. - grep -x 'Package: tor-dbg' debian/control && return - - patch debian/rules << EOF -diff --git a/debian/rules b/debian/rules -index 6950e6d3c..af002ae52 100755 a/debian/rules -+++ b/debian/rules -@@ -70,7 +70,10 @@ override_dh_install-arch: - cp debian/tor.apparmor-profile.abstraction debian/tor/etc/apparmor.d/abstractions/tor - dh_apparmor --profile-name=system_tor -ptor - -+override_dh_installdocs: -+ dh_installdocs -ptor-dbg --link-doc=tor -+ dh_installdocs - override_dh_strip: -- dh_strip --dbgsym-migration='tor-dbg (<< 0.3.1.5-alpha)' -+ dh_strip --dbg-package=tor-dbg - override_dh_installinit: - dh_installinit --error-handler=tor_error_init -EOF - cat >> debian/control << 'EOF' - -Package: tor-dbg -Architecture: any -Depends: tor (= ${binary:Version}), ${misc:Depends} -Suggests: gdb -Priority: extra -Section: debug -Description: debugging symbols for Tor - This package provides the debugging symbols for Tor, The Onion Router. - Those symbols allow your debugger to assign names to your backtraces, which - makes it somewhat easier to interpret core dumps. -EOF - - dch --append "Restore building of tor-dbg." - sed -i -e '/^Build-Depends/ s/debhelper [^,]*, */debhelper (>= 9), /' debian/control - dch --append "Downgrade debhelper build dependency to just >= 9." -} - bp1() { @@ -194,15 +146,6 @@ # # null - # jessie - # - bp1 $pkg $dir $sid_debian_version jessie - (cd $dir; remove_libzstd) - (cd $dir; old_dh_systemd) - (cd $dir; old_debug_pkg) - (cd $dir; remove_runit) - bp2 $pkg $dir $origtar - # stretch # bp1 $pkg $dir $sid_debian_version stretch -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/
Bug#988634: unblock: tor/0.4.5.8-1
Control: tags -1 moreinfo confirmed On 2021-05-17 06:53:02 +, Peter Palfrader wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > I would like to update Tor in bullseye from 0.4.5.7-1 to 0.4.5.8-1. > Tor 0.4.5.8 is an upstream stable release. ACK, please remove the moreinfo tag once the new version is available in unstable. Cheers > > > unblock tor/0.4.5.8-1 > > > Please let me know if I may upload to unstable. > > An upstream diff is attached. I cut the geoip databases and the fallback > directory mirror lists. The ./debian/ diff is expected to contain only an > update to the changelog. It does not yet exist, but I can provide it > when needed. > > The upstream changelog entry follows. > > Cheers, > > } Changes in version 0.4.5.8 - 2021-05-10 > } Tor 0.4.5.8 fixes several bugs in earlier version, backporting fixes > } from the 0.4.6.x series. > } > } o Minor features (compatibility, Linux seccomp sandbox, backport > } from 0.4.6.3-rc): > } - Add a workaround to enable the Linux sandbox to work correctly > } with Glibc 2.33. This version of Glibc has started using the > } fstatat() system call, which previously our sandbox did not allow. > } Closes ticket 40382; see the ticket for a discussion of trade-offs. > } > } o Minor features (compilation, backport from 0.4.6.3-rc): > } - Make the autoconf script build correctly with autoconf versions > } 2.70 and later. Closes part of ticket 40335. > } > } o Minor features (fallback directory list, backport from 0.4.6.2-alpha): > } - Regenerate the list of fallback directories to contain a new set > } of 200 relays. Closes ticket 40265. > } > } o Minor features (geoip data): > } - Update the geoip files to match the IPFire Location Database, as > } retrieved on 2021/05/07. > } > } o Minor features (onion services): > } - Add warning message when connecting to now deprecated v2 onion > } services. As announced, Tor 0.4.5.x is the last series that will > } support v2 onions. Closes ticket 40373. > } > } o Minor bugfixes (bridge, pluggable transport, backport from > 0.4.6.2-alpha): > } - Fix a regression that made it impossible start Tor using a bridge > } line with a transport name and no fingerprint. Fixes bug 40360; > } bugfix on 0.4.5.4-rc. > } > } o Minor bugfixes (build, cross-compilation, backport from 0.4.6.3-rc): > } - Allow a custom "ar" for cross-compilation. Our previous build > } script had used the $AR environment variable in most places, but > } it missed one. Fixes bug 40369; bugfix on 0.4.5.1-alpha. > } > } o Minor bugfixes (channel, DoS, backport from 0.4.6.2-alpha): > } - Fix a non-fatal BUG() message due to a too-early free of a string, > } when listing a client connection from the DoS defenses subsystem. > } Fixes bug 40345; bugfix on 0.4.3.4-rc. > } > } o Minor bugfixes (compiler warnings, backport from 0.4.6.3-rc): > } - Fix an indentation problem that led to a warning from GCC 11.1.1. > } Fixes bug 40380; bugfix on 0.3.0.1-alpha. > } > } o Minor bugfixes (controller, backport from 0.4.6.1-alpha): > } - Fix a "BUG" warning that would appear when a controller chooses > } the first hop for a circuit, and that circuit completes. Fixes bug > } 40285; bugfix on 0.3.2.1-alpha. > } > } o Minor bugfixes (onion service, client, memory leak, backport from > } 0.4.6.3-rc): > } - Fix a bug where an expired cached descriptor could get overwritten > } with a new one without freeing it, leading to a memory leak. Fixes > } bug 40356; bugfix on 0.3.5.1-alpha. > } > } o Minor bugfixes (testing, BSD, backport from 0.4.6.2-alpha): > } - Fix pattern-matching errors when patterns expand to invalid paths > } on BSD systems. Fixes bug 40318; bugfix on 0.4.5.1-alpha. Patch by > } Daniel Pinto. > > -- > | .''`. ** Debian ** > Peter Palfrader | : :' : The universal > https://www.palfrader.org/ | `. `' Operating System > | `-https://www.debian.org/ > diff --git a/ChangeLog b/ChangeLog > index a2052fa55f..1c3cbdc82f 100644 > --- a/ChangeLog > +++ b/ChangeLog > @@ -1,3 +1,65 @@ > +Changes in version 0.4.5.8 - 2021-05-10 > + Tor 0.4.5.8 fixes several bugs in earlier version, backporting fixes > + from the 0.4.6.x series. > + > + o Minor features (compatibility, Linux seccomp sandbox, backport from > 0.4.6.3-rc): > +- Add a workaround to enable the Linux sandbox to work correctly > + with Glibc 2.33. This version of Glibc has started using the > + fstatat() system call, which previously our sandbox did not allow. > + Closes ticket 40382; see the ticket for a discussion of trade-offs. > + > + o Minor features (compilation, backport from 0.4.6.3-rc): > +
Bug#988634: unblock: tor/0.4.5.8-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I would like to update Tor in bullseye from 0.4.5.7-1 to 0.4.5.8-1. Tor 0.4.5.8 is an upstream stable release. unblock tor/0.4.5.8-1 Please let me know if I may upload to unstable. An upstream diff is attached. I cut the geoip databases and the fallback directory mirror lists. The ./debian/ diff is expected to contain only an update to the changelog. It does not yet exist, but I can provide it when needed. The upstream changelog entry follows. Cheers, } Changes in version 0.4.5.8 - 2021-05-10 } Tor 0.4.5.8 fixes several bugs in earlier version, backporting fixes } from the 0.4.6.x series. } } o Minor features (compatibility, Linux seccomp sandbox, backport } from 0.4.6.3-rc): } - Add a workaround to enable the Linux sandbox to work correctly } with Glibc 2.33. This version of Glibc has started using the } fstatat() system call, which previously our sandbox did not allow. } Closes ticket 40382; see the ticket for a discussion of trade-offs. } } o Minor features (compilation, backport from 0.4.6.3-rc): } - Make the autoconf script build correctly with autoconf versions } 2.70 and later. Closes part of ticket 40335. } } o Minor features (fallback directory list, backport from 0.4.6.2-alpha): } - Regenerate the list of fallback directories to contain a new set } of 200 relays. Closes ticket 40265. } } o Minor features (geoip data): } - Update the geoip files to match the IPFire Location Database, as } retrieved on 2021/05/07. } } o Minor features (onion services): } - Add warning message when connecting to now deprecated v2 onion } services. As announced, Tor 0.4.5.x is the last series that will } support v2 onions. Closes ticket 40373. } } o Minor bugfixes (bridge, pluggable transport, backport from 0.4.6.2-alpha): } - Fix a regression that made it impossible start Tor using a bridge } line with a transport name and no fingerprint. Fixes bug 40360; } bugfix on 0.4.5.4-rc. } } o Minor bugfixes (build, cross-compilation, backport from 0.4.6.3-rc): } - Allow a custom "ar" for cross-compilation. Our previous build } script had used the $AR environment variable in most places, but } it missed one. Fixes bug 40369; bugfix on 0.4.5.1-alpha. } } o Minor bugfixes (channel, DoS, backport from 0.4.6.2-alpha): } - Fix a non-fatal BUG() message due to a too-early free of a string, } when listing a client connection from the DoS defenses subsystem. } Fixes bug 40345; bugfix on 0.4.3.4-rc. } } o Minor bugfixes (compiler warnings, backport from 0.4.6.3-rc): } - Fix an indentation problem that led to a warning from GCC 11.1.1. } Fixes bug 40380; bugfix on 0.3.0.1-alpha. } } o Minor bugfixes (controller, backport from 0.4.6.1-alpha): } - Fix a "BUG" warning that would appear when a controller chooses } the first hop for a circuit, and that circuit completes. Fixes bug } 40285; bugfix on 0.3.2.1-alpha. } } o Minor bugfixes (onion service, client, memory leak, backport from } 0.4.6.3-rc): } - Fix a bug where an expired cached descriptor could get overwritten } with a new one without freeing it, leading to a memory leak. Fixes } bug 40356; bugfix on 0.3.5.1-alpha. } } o Minor bugfixes (testing, BSD, backport from 0.4.6.2-alpha): } - Fix pattern-matching errors when patterns expand to invalid paths } on BSD systems. Fixes bug 40318; bugfix on 0.4.5.1-alpha. Patch by } Daniel Pinto. -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/ diff --git a/ChangeLog b/ChangeLog index a2052fa55f..1c3cbdc82f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,65 @@ +Changes in version 0.4.5.8 - 2021-05-10 + Tor 0.4.5.8 fixes several bugs in earlier version, backporting fixes + from the 0.4.6.x series. + + o Minor features (compatibility, Linux seccomp sandbox, backport from 0.4.6.3-rc): +- Add a workaround to enable the Linux sandbox to work correctly + with Glibc 2.33. This version of Glibc has started using the + fstatat() system call, which previously our sandbox did not allow. + Closes ticket 40382; see the ticket for a discussion of trade-offs. + + o Minor features (compilation, backport from 0.4.6.3-rc): +- Make the autoconf script build correctly with autoconf versions + 2.70 and later. Closes part of ticket 40335. + + o Minor features (fallback directory list, backport from 0.4.6.2-alpha): +- Regenerate the list of fallback directories to contain a new set + of 200 relays. Closes ticket 40265. + + o Minor features (geoip data): +- Update the geoip files to match the IPFire Location