Re: [tor-relays] From [tor-announce] Tor stable release 0.4.7.8 - Security Fix
Hello, This was an issue back on June 18 when you got that log message, but 0.4.7.8 is recommended in the consensus now (you'll see on Relay Search that the relays don't have the "experimental" or "not recommended" flags). Cheers On 20 Jun 2022 at 11:47 +0100, Felix , wrote: > > > We have released tor 0.4.7.8 earlier today, a new stable version for > > the 0.4.7.x series containing an important High severity security > > fix. The affected tor are only those of the 0.4.7.x series as in from > > tor-0.4.7.1-alpha to tor-0.4.7.7. > > Jun 18 10:08:46.000 [notice] This version of Tor (0.4.7.8) is newer > than any recommended version, according to the directory authorities. > > -- > Cheers Felix > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] From [tor-announce] Tor stable release 0.4.7.8 - Security Fix
> We have released tor 0.4.7.8 earlier today, a new stable version for > the 0.4.7.x series containing an important High severity security > fix. The affected tor are only those of the 0.4.7.x series as in from > tor-0.4.7.1-alpha to tor-0.4.7.7. Jun 18 10:08:46.000 [notice] This version of Tor (0.4.7.8) is newer than any recommended version, according to the directory authorities. -- Cheers Felix pgpKDS2ek1doi.pgp Description: Digitale Signatur von OpenPGP ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] EXPKEYSIG when running 'apt update'
On Tue, 14 Jun 2022 19:19:54 +0200 Peter Gerber wrote: > Looks like the expiration date on the key was changed and the package > deb.torproject.org-keyring only updates that key in > /usr/share/keyrings/. I can't but wonder if everyone that doesn't > have a signed-by is affected, which must be quite a few. Yeah I had the public signing key in both /etc/apt/trusted.gpg.d and /usr/share/keyrings. I had to manually update the key in /usr/share/keyrings/tor-archive-keyring.gpg as that file was referenced by my sources.list file. Not sure how it ended up in two places. Thanks for pointing this out! pgpsf8DUfpiho.pgp Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
