[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Tor 0.1.0.11 is released: security fix for servers



Tor 0.1.0.11 fixes a security problem where servers disregard their exit
policies in some circumstances. All server operators running 0.1.0.x or
later are advised to upgrade to 0.1.0.11 [1], downgrade to 0.0.9.10 [2],
or move to the latest Tor CVS [3]. Clients are not affected by this bug.

[1] http://tor.eff.org/download.html
[2] http://tor.eff.org/dist/
[3] http://tor.eff.org/developers.html

  o Bugfixes on 0.1.0.x:
    - Fix major security bug: servers were disregarding their
      exit policies if clients behaved unexpectedly.
    - Make OS X init script check for missing argument, so we don't
      confuse users who invoke it incorrectly.
    - Fix a seg fault in "tor --hash-password foo".
    - The MAPADDRESS control command was broken.

Attachment: signature.asc
Description: Digital signature