[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor 0.2.2.22-alpha is out

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor 0.2.2.22-alpha is out
From: Orionjur Tor-admin <tor-admin@xxxxxxxxxxxxxxxxxx>
Date: Sun, 30 Jan 2011 08:06:51 +0000
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 30 Jan 2011 03:07:04 -0500
In-reply-to: <20110130070026.GM3300@xxxxxxxxxxxxxx>
References: <20110130070026.GM3300@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mozilla-Thunderbird 2.0.0.24 (X11/20100329)

Roger Dingledine wrote:
> Tor 0.2.2.22-alpha fixes a few more less-critical security issues. The
> main other change is a slight tweak to Tor's TLS handshake that makes
> relays and bridges that run this new version reachable from Iran again.
> We don't expect this tweak will win the arms race long-term, but it will
> buy us a bit more time until we roll out a better solution.
> 
> Anybody running a relay or bridge who wants it to work for Iran should
> upgrade.
> 
> https://www.torproject.org/download/download
> 
> Changes in version 0.2.2.22-alpha - 2011-01-25
>   o Major bugfixes:
>     - Fix a bounds-checking error that could allow an attacker to
>       remotely crash a directory authority. Bugfix on 0.2.1.5-alpha.
>       Found by "piebeer".
>     - Don't assert when changing from bridge to relay or vice versa
>       via the controller. The assert happened because we didn't properly
>       initialize our keys in this case. Bugfix on 0.2.2.18-alpha; fixes
>       bug 2433. Reported by bastik.
> 
>   o Minor features:
>     - Adjust our TLS Diffie-Hellman parameters to match those used by
>       Apache's mod_ssl.
>     - Provide a log message stating which geoip file we're parsing
>       instead of just stating that we're parsing the geoip file.
>       Implements ticket 2432.
> 
>   o Minor bugfixes:
>     - Check for and reject overly long directory certificates and
>       directory tokens before they have a chance to hit any assertions.
>       Bugfix on 0.2.1.28 / 0.2.2.20-alpha. Found by "doorss".
> 

I installed it in the morning of yesterday or in the morning of the day
before yesteray on my debian exit node.
How can I do it before this release?

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

References:
- Tor 0.2.2.22-alpha is out
  - From: Roger Dingledine

Prev by Author: Re: Is "gatereloaded" a Bad Exit?
Next by Author: Re: Is "gatereloaded" a Bad Exit?
Previous by thread: Re: Tor 0.2.2.22-alpha is out
Next by thread: Re: Tor 0.2.2.22-alpha is out
Index(es):
- Author
- Thread