[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Warning to NoReply.org DEB Package Users

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Warning to NoReply.org DEB Package Users
From: Mike Cardwell <tor@xxxxxxxxxxxxxxxxxx>
Date: Sat, 11 Aug 2007 11:13:54 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 11 Aug 2007 06:14:05 -0400
In-reply-to: <3922422b0708101312h7a7c55cbw64390628cc7e2786@xxxxxxxxxxxxxx>
References: <3922422b0708101312h7a7c55cbw64390628cc7e2786@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11)

* on the Fri, Aug 10, 2007 at 04:12:21PM -0400, Ringo Kamens wrote:

> As you know, a major security vulnerability was just patched with the
> 0.1.2.16 release. I have been using the noreply.org deb packages but
> they didn't update to the newest version (at least not under amd64
> feisty). If you are in my situation you can compile from source or
> disable your controlport and wait out the storm until a new version is
> released. Is the package maintainer busy or..?
> Comrade Ringo Kamens

I've been using the noreply 0.1.2.16 release since it came out 9 days
ago...

root@clayman:~# grep noreply /etc/apt/sources.list
deb     http://mirror.noreply.org/pub/tor etch main
deb-src http://mirror.noreply.org/pub/tor etch main 
root@clayman:~# dpkg -l|grep ' tor '
ii  tor                             0.1.2.16-1~~etch.1
anonymizing overlay network for TCP
root@clayman:~# 

The amd64 Feisty version came out at the same time:

http://mirror.noreply.org/pub/tor/pool/feisty/tor_0.1.2.16-1~feisty.1_amd64.deb

Mike

References:
- Warning to NoReply.org DEB Package Users
  - From: Ringo Kamens

Prev by Author: Re: Privoxy usage?
Next by Author: ModSecurity v2 Apache rules for directory servers
Previous by thread: Re: Warning to NoReply.org DEB Package Users
Next by thread: Question about the vulnerability
Index(es):
- Author
- Thread