[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] most (>57% cwfr) of the tor network still vulnerable to CVE-2016-8860 - update your relay!



On Wed, 26 Oct 2016, at 02:04 PM, Zack Weinberg wrote:
> If you're using Debian jessie, you can get an 0.2.8.9 package from
> either backports or the torproject.org repository.  I went with
> backports because that let me also pick up a much newer openssl.
> 
> zw

Zack,

Interesting, I too recently upgraded to the backports version of tor but
didn't think to do openssl too. The current versions as far as I can
tell are:

jessie, 1.0.1t-1+deb8u5 (https://packages.debian.org/jessie/openssl)
jessie-backports, 1.0.2j-1~bpo8+1
(https://packages.debian.org/jessie-backports/openssl)

Is there such a big difference between these?

Louie
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays