[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Compatibility issue with OpenSSL 1.1.1a



Thank you for the anwer, but i am unable to find precompiled packages
for 1.1.1 for debian.

I am currently using buster and i could downgrade to 1.1.0j from stretch
security.

Can someone help me?

Am 03.12.2018 um 02:09 schrieb Nick Mathewson:
> On Sat, Dec 1, 2018 at 8:40 PM Paul <paul@xxxxxxxxxxxxx> wrote:
>> I have run into this issue just now and iam curious if i can "just"
>> downgrade back or if there is any other way to workaround?
>>
> I think that it's okay to downgrade to 1.1.1 for Tor's purposes: the
> two security vulnerabilities fixed in 1.1.1a are about DSA and ECDSA,
> which Tor doesn't use.  Also, you could use 1.1.0j if you prefer
> something patched.
>
>> How does this affect my relay? Will it still be useable?
> It will be usable by anybody connecting to it with TLS up to 1.2, and
> by clients using TLS 1.3.  Connections between your relay and other
> relays will fail if you are both upgraded to TLS 1.3.
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays