** Description changed: Micro versions of Tor were recently released to address some security problems (CVE-2017-0380/TROVE-2017-008) and crashes. The new releases also include directory authority changes. + + [Test Case] + + 1) Setup Tor: + $ sudo apt-get install tor + + 2) Check if the Tor network is usable: + $ torsocks wget -qO - https://ifconfig.co + 192.0.2.1 + + 3) Check that the IP returned by https://ifconfig.co is NOT the one + assigned by you ISP. + + 4) If you got a different IP it means wget used the Tor network + successfully + + 5) Repeat with the -proposed package + + + [Regression Potential] + + Unfortunately, I don't know what regression could be introduced by those + micro version upgrades (0.2.9.11->0.2.9.13 and 0.3.0.10->0.3.0.12). + Debian shipped 0.2.9.12 some time ago and I didn't find any regression + in their bug tracker. Unfortunately, Debian no longer ship the 0.3.0.x + branch as they moved to 0.3.1.x so the version in Artful saw less "in + the wild" testing. + + I also looked at the upstream bug tracker and didn't find any relevant + regression introduced by those new versions.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1731698 Title: [SRU] Tor 0.2.9.13 and 0.3.0.12 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tor/+bug/1731698/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
