UbuntuUpdates.org

Package "tor"

Name: tor

Description:

anonymizing overlay network for TCP

Latest version: 0.2.9.14-1ubuntu1~16.04.3
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: https://www.torproject.org/

Links


Download "tor"


Other versions of "tor" in Xenial

Repository Area Version
base universe 0.2.7.6-1ubuntu1
security universe 0.2.9.14-1ubuntu1~16.04.3
PPA: Tor 0.4.8.13-2~xenial+1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.2.9.14-1ubuntu1~16.04.3 2018-11-22 21:06:52 UTC

  tor (0.2.9.14-1ubuntu1~16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Remote crash attack against directory authorities.
    - debian/patches/CVE-2018-0490.patch: Correctly handle NULL returns
      from parse_protocol_list when voting.
    - CVE-2018-0490

 -- Eduardo Barretto <email address hidden> Thu, 22 Nov 2018 13:37:42 -0200

Source diff to previous version
CVE-2018-0490 An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotoc

Version: 0.2.9.14-1ubuntu1~16.04.2 2018-03-01 04:06:38 UTC

  tor (0.2.9.14-1ubuntu1~16.04.2) xenial-security; urgency=medium

  * No-change rebuild for the security pocket.

 -- Seth Arnold <email address hidden> Wed, 28 Feb 2018 14:47:47 -0800

Source diff to previous version

Version: 0.2.9.14-1ubuntu1~16.04.1 2018-02-21 13:06:50 UTC

  tor (0.2.9.14-1ubuntu1~16.04.1) xenial; urgency=medium

  [ Peter Palfrader ]
  * apparmor: use Pix instead of PUx for obfs4proxy, giving us
    better confinement of the child process while actually working
    with systemd's NoNewPrivileges. (closes: #867342)
  * Do not rely on aa-exec and aa-enabled being in /usr/sbin in the
    SysV init script. This change enables apparmor confinement
    on some system-V systems again. (closes: #869153)
  * Update apparmor profile: replace CAP_DAC_OVERRIDE with
    CAP_DAC_READ_SEARCH to match the systemd capability bounding set
    changed with 0.3.0.4-rc-1. This change will allow tor to start
    again under apparmor if hidden services are configured.
    Patch by intrigeri. (closes: #862993)
  * Replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH in systemd's service
    capability bounding set. Read access is sufficient for Tor (as root on
    startup) to check its onion service directories (see #847598).
  * Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor,
    causing all errors while switching to the new apparmor profile to
    be ignored. This is not ideal, but for now it's probably the
    best solution. Thanks to intrigeri; closes: #880490.

  [ Simon Deziel ]
  * Backport 0.2.9.14 to 16.04 (LP: #1731698)
  * debian/rules: stop overriding micro-revision.i
  * debian/control: drop build-conflicts
  * debian/control: Limit the seccomp build-dependency to [amd64 i386 x32 armel armhf]
  * Resync with Debian Stretch

Source diff to previous version
1731698 [SRU] Tor 0.2.9.14 and 0.3.0.13
867342 tor: /usr/bin/obfs4proxy fails to load under default combination of apparmor execution permission PUx and systemd NoNewPrivileges=Yes hardening - Deb
869153 tor: CVE-2017-11565: aa-exec is not longer in /usr/sbin and now apparmor is silently scraped - Debian Bug report logs
862993 tor: Does not start with AppArmor enabled and hidden service directory owned by non-root - Debian Bug report logs
880490 tor: Does not start when the AppArmor LSM is enabled but the apparmor package is not installed - Debian Bug report logs

Version: 0.2.9.11-1ubuntu1~16.04.1 2017-09-18 17:06:45 UTC
No changelog available yet.



About   -   Send Feedback to @ubuntu_updates