[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Latest openssl update breaks Tor

Hey *,

the most recent openssl security update [0] breaks Tor. According to
our analysis so far, Tor isn't affected by the actual security issue, but
the patch as applied in openssl versions 1.0.0b and 0.9.8p causes
Tor to fail its handshake as a relay.

If you run a relay and have already upgraded your libssl, please
don't restart your relay unless you have to because it will otherwise
stop working. If you haven't upgraded, please verify whether any
other applications are affected and if not consider delaying the

So far I haven't been able to find a way to work around this issue
from inside Tor, but hopefully a fix can be developed soon.

Thanks for running relays!


[0]: https://blog.torproject.org/blog/new-openssl-vulnerability-tor-not-affected
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/