[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Tor 0.1.0.11 is released: security fix for servers

To: or-announce@xxxxxxxxxxxxx
Subject: Tor 0.1.0.11 is released: security fix for servers
From: Roger Dingledine <arma@xxxxxxx>
Date: Fri, 1 Jul 2005 17:02:24 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-announce-outgoing@seul.org
Delivered-to: or-announce@seul.org
Delivery-date: Fri, 01 Jul 2005 17:02:37 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-announce@xxxxxxxxxxxxx
User-agent: Mutt/1.5.9i

Tor 0.1.0.11 fixes a security problem where servers disregard their exit
policies in some circumstances. All server operators running 0.1.0.x or
later are advised to upgrade to 0.1.0.11 [1], downgrade to 0.0.9.10 [2],
or move to the latest Tor CVS [3]. Clients are not affected by this bug.

[1] http://tor.eff.org/download.html
[2] http://tor.eff.org/dist/
[3] http://tor.eff.org/developers.html

  o Bugfixes on 0.1.0.x:
    - Fix major security bug: servers were disregarding their
      exit policies if clients behaved unexpectedly.
    - Make OS X init script check for missing argument, so we don't
      confuse users who invoke it incorrectly.
    - Fix a seg fault in "tor --hash-password foo".
    - The MAPADDRESS control command was broken.

Attachment: signature.asc
Description: Digital signature

Next by Author: Tor 0.1.0.12 is released
Next by thread: Tor 0.1.0.12 is released
Index(es):
- Author
- Thread