tor (0.4.7.16-1) bookworm-security; urgency=medium * New upstream version. * Target bookworm-security: o Major bugfixes (TROVE-2023-004, relay): - Mitigate an issue when Tor compiled with OpenSSL can crash during handshake with a remote relay. Fixes bug 40874; bugfix on 0.2.7.2-alpha. -- Peter Palfrader Tue, 14 Nov 2023 19:01:38 +0100 tor (0.4.7.15-1) bookworm; urgency=medium * New upstream version. -- Peter Palfrader Mon, 18 Sep 2023 21:59:09 +0200 tor (0.4.7.13-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Thu, 12 Jan 2023 18:31:32 +0100 tor (0.4.7.12-1) unstable; urgency=medium * New upstream version. * Put tor services after network-online.target instead of after network.target (re: tpo/core/tor#40679). -- Peter Palfrader Sat, 10 Dec 2022 17:15:53 +0100 tor (0.4.7.11-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Sat, 12 Nov 2022 09:58:38 +0100 tor (0.4.7.10-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Wed, 17 Aug 2022 21:26:27 +0200 tor (0.4.7.9-1) unstable; urgency=medium [ Pier Angelo Vendrame ] * Update apparmor policy to allow running snowflake-client. [ Peter Palfrader ] * New upstream version. -- Peter Palfrader Thu, 11 Aug 2022 17:47:24 +0200 tor (0.4.7.8-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Sun, 19 Jun 2022 14:19:53 +0200 tor (0.4.7.7-1) unstable; urgency=medium * Upload 0.4.7.x tree to unstable. * New upstream version. -- Peter Palfrader Wed, 27 Apr 2022 23:52:43 +0200 tor (0.4.7.6-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 25 Apr 2022 20:55:00 +0200 tor (0.4.7.5-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 25 Mar 2022 20:21:04 +0100 tor (0.4.7.4-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sat, 26 Feb 2022 22:01:37 +0100 tor (0.4.7.3-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Sun, 19 Dec 2021 21:59:38 +0100 tor (0.4.6.8-1) unstable; urgency=medium * Upload 0.4.6.x tree to unstable. * New upstream version. -- Peter Palfrader Sun, 31 Oct 2021 13:35:00 +0100 tor (0.4.6.7-1) experimental; urgency=medium * New upstream version. - Resolve an assertion failure caused by a behavior mismatch between our batch-signature verification code and our single-signature verification code. This assertion failure could be triggered remotely, leading to a denial of service attack. We fix this issue by disabling batch verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de Valence. * Raise debian/compat from 9 to 10. -- Peter Palfrader Thu, 19 Aug 2021 20:28:49 +0200 tor (0.4.6.6-1) experimental; urgency=medium * New upstream version. * Update Suggests: from tor-arm to nyx (closes: #991012). -- Peter Palfrader Tue, 13 Jul 2021 09:55:23 +0200 tor (0.4.6.5-1) experimental; urgency=medium * New upstream version, fixing several (security) issues (closes: #990000). For a full list see the upstream changelog. It includes: - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it. Bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021- 003 and CVE-2021-34548. - Detect more failure conditions from the OpenSSL RNG code. Previously, we would detect errors from a missing RNG implementation, but not failures from the RNG code itself. Fortunately, it appears those failures do not happen in practice when Tor is using OpenSSL's default RNG implementation. Bugfix on 0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004. Reported by Jann Horn at Google's Project Zero. - Resist a hashtable-based CPU denial-of-service attack against relays. Previously we used a naive unkeyed hash function to look up circuits in a circuitmux object. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now we use a SipHash construction here instead. Bugfix on 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and CVE-2021-34549. Reported by Jann Horn from Google's Project Zero. - Fix an out-of-bounds memory access in v3 onion service descriptor parsing. An attacker could exploit this bug by crafting an onion service descriptor that would crash any client that tried to visit it. Bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei Glazunov from Google's Project Zero. -- Peter Palfrader Fri, 18 Jun 2021 11:57:06 +0200 tor (0.4.6.4-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 03 Jun 2021 14:12:41 +0200 tor (0.4.6.3-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 10 May 2021 16:47:40 +0200 tor (0.4.6.2-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Thu, 06 May 2021 15:19:54 +0200 tor (0.4.5.7-1) unstable; urgency=high * New upstream version, fixes two security issues: - Disable the dump_desc() function. (TROVE-2021-001 and CVE-2021-28089). - Fix a bug in appending detached signatures. (TROVE-2021-002 and CVE-2021-28090) -- Peter Palfrader Tue, 16 Mar 2021 15:01:09 +0100 tor (0.4.5.6-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Tue, 16 Feb 2021 08:43:47 +0100 tor (0.4.5.5-rc-1) unstable; urgency=medium * New upstream version. * Upload 0.4.5.x tree to unstable; this is the last RC of that tree. If all goes well, it will be the next stable, so try to get it some more testing. -- Peter Palfrader Tue, 02 Feb 2021 07:36:28 +0100 tor (0.4.5.4-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 22 Jan 2021 18:09:28 +0100 tor (0.4.5.3-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Wed, 13 Jan 2021 09:02:04 +0100 tor (0.4.5.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Tue, 24 Nov 2020 08:24:24 +0100 tor (0.4.5.1-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Mon, 02 Nov 2020 12:51:15 +0100 tor (0.4.4.5-1) unstable; urgency=medium * Upload 0.4.4.x tree to unstable. * New upstream version. -- Peter Palfrader Tue, 15 Sep 2020 15:39:59 +0200 tor (0.4.4.4-rc-1) experimental; urgency=medium * New upstream version. * Drop build dependency on (now obsolete) dh-systemd and instead raise the debhelper versioned dependency to >= 9.20160114 from >= 9.20160709 (closes: #958622). -- Peter Palfrader Sat, 05 Sep 2020 13:33:31 +0200 tor (0.4.4.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 13 Jul 2020 15:08:23 +0200 tor (0.4.4.1-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Mon, 22 Jun 2020 08:00:16 +0200 tor (0.4.3.5-1) unstable; urgency=medium * Upload 0.4.3.x tree to unstable. * New upstream version. -- Peter Palfrader Fri, 15 May 2020 15:01:38 +0200 tor (0.4.3.4-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Tue, 14 Apr 2020 07:40:28 +0200 tor (0.4.3.2-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Tue, 11 Feb 2020 08:18:43 +0100 tor (0.4.2.6-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Fri, 31 Jan 2020 10:15:07 +0100 tor (0.4.2.5-1) unstable; urgency=medium * Upload 0.4.2.x tree to unstable. * New upstream version. -- Peter Palfrader Mon, 16 Dec 2019 10:24:22 +0100 tor (0.4.2.4-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Tue, 19 Nov 2019 17:54:04 +0100 tor (0.4.2.3-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 25 Oct 2019 08:28:11 +0200 tor (0.4.2.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 07 Oct 2019 16:25:46 +0200 tor (0.4.2.1-alpha-1) experimental; urgency=medium * New upstream tree; target experimental * logrotate snippet: call invoke-rc.d instead of service for service status and reload since this seems to be more in line with Debian policy. -- Peter Palfrader Thu, 19 Sep 2019 12:01:47 +0200 tor (0.4.1.5-1) unstable; urgency=medium * New upstream version; upload 0.4.1.x to unstable. * Fix three typos in README.Debian. * Avoid setting DEB_HOST_ARCH_OS in debian/rules as that should be pre-initialized nowadays. * tor-geoipdb: change from priority extra to optional as the former is obsolete. * Set Standards-Version to 4.4.0. * The fix for #930113, runit support, added an /etc/tor/conf to set the ulimit -n when run under runit. That directory is a bad place. It confuses users, nowhere is it apparent that only runit cares about that directory and that e.g. sysV or systemd don't. Get rid of that directory and the MAX_FILEDESCRIPTORS file in it and set a reasonable default in the runit script if MAX_FILEDESCRIPTORS is not already set. -- Peter Palfrader Wed, 21 Aug 2019 09:59:54 +0200 tor (0.4.1.4-rc-1) experimental; urgency=medium * New upstream version. * Use start-stop-daemon in the init script instead of ps. Using ps would require us to depend on procps when all we want is to check if a process exists (closes: #932125). * Add untested/unsupported runit support (closes: #930113). Use the patch provided there, except also fix the backporting scripts, change the somewhat low number of FDs to 65536, change a variable name as to not suggest this has anything to do with tor authority directory servers. -- Peter Palfrader Fri, 26 Jul 2019 09:32:22 +0200 tor (0.4.1.3-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Mon, 15 Jul 2019 13:24:34 +0200 tor (0.4.0.5-2) unstable; urgency=medium * Upload 0.4.0.x tree to unstable. -- Peter Palfrader Sat, 13 Jul 2019 16:00:05 +0200 tor (0.4.0.5-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 02 May 2019 20:32:45 +0200 tor (0.4.0.4-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 12 Apr 2019 13:35:49 +0200 tor (0.4.0.3-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sun, 24 Mar 2019 13:04:49 +0100 tor (0.4.0.2-alpha-1) experimental; urgency=medium * New upstream version. - Includes a fix for a medium-severity security bug: Make KIST consider the outbuf length when computing what it can put in the outbuf. Previously, KIST acted as though the outbuf were empty, which could lead to the outbuf becoming too full. It is possible that an attacker could exploit this bug to cause a Tor client or relay to run out of memory and crash. Fixes bug 29168; bugfix on 0.3.2.1-alpha. This issue is also being tracked as TROVE-2019-001 and CVE-2019-8955. -- Peter Palfrader Fri, 22 Feb 2019 09:29:07 +0100 tor (0.4.0.1-alpha-1) experimental; urgency=medium * New upstream tree. * Replace all references to /var/run with /run (closes: #918898). -- Peter Palfrader Thu, 10 Jan 2019 13:43:32 +0100 tor (0.3.5.7-1) unstable; urgency=medium * New upstream version, upload 0.3.5.x tree to unstable. -- Peter Palfrader Tue, 08 Jan 2019 09:22:13 +0100 tor (0.3.5.6-rc-1) experimental; urgency=medium * tests/setup-onion-service: In our start-stop-daemon call, use pipetty as processname as that's the visible process name. * tests/setup-onion-service: retry starting onionshare a couple of times if it fauls to bootstrap. * tests/setup-onion-service marked as flaky. * New upstream version. -- Peter Palfrader Wed, 19 Dec 2018 10:16:41 +0100 tor (0.3.5.5-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 16 Nov 2018 17:24:54 +0100 tor (0.3.5.4-alpha-1) experimental; urgency=medium [ Peter Palfrader ] * New upstream version. * drop patches/crypto_ope-endian, as it's no longer needed. * New autopkgtest: download-release-file: launches a tor instance and tries to fetch a Release file over Tor from deb.debian.org. * New autopkgtest: setup-onion-service. Provides a file using onionshare and tries to fetch it from the onion service. [ intrigeri ] * apparmor: allow reading the OpenSSL configuration (Closes: #909364). -- Peter Palfrader Thu, 08 Nov 2018 14:11:20 +0100 tor (0.3.5.3-alpha-2) experimental; urgency=medium * Use the correct preprocessor makro in crypto_ope.c to correctly work on big endian systems (re: tor#28115). -- Peter Palfrader Fri, 19 Oct 2018 14:37:14 +0200 tor (0.3.5.3-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Wed, 17 Oct 2018 23:19:23 +0200 tor (0.3.5.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sat, 22 Sep 2018 16:31:04 +0200 tor (0.3.5.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sat, 22 Sep 2018 13:43:24 +0200 tor (0.3.5.1-alpha-1) experimental; urgency=medium * New upstream tree. * Drop improve-geoip-warning patch, it no longer applies after the refactoring. * Install debian's microrevision.i into the top sourcedir. -- Peter Palfrader Tue, 18 Sep 2018 13:54:59 +0200 tor (0.3.4.3-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Tue, 26 Jun 2018 18:22:48 +0200 tor (0.3.4.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Wed, 13 Jun 2018 09:34:10 +0200 tor (0.3.4.1-alpha-1) experimental; urgency=medium * New upstream tree. * Start using upstream's minimal torrc as our default /etc/tor/torrc. * Put longer torrc.sample into /usr/share/doc. -- Peter Palfrader Fri, 18 May 2018 10:33:45 +0200 tor (0.3.3.5-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sun, 15 Apr 2018 22:05:26 +0200 tor (0.3.3.4-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Wed, 04 Apr 2018 19:50:34 +0200 tor (0.3.3.3-alpha-1) experimental; urgency=medium * New upstream version. - Includes an important security fix for a remote crash attack against directory authorities. [TROVE-2018-001 and CVE-2018-0490] - Additionally, note that the previous upload (0.3.3.2-alpha-1) fixed Tor#24700, which had its severity upgraded now (remotely triggered crash of relays). [TROVE-2018-002 and CVE-2018-0491] -- Peter Palfrader Sat, 03 Mar 2018 16:29:43 +0100 tor (0.3.3.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sun, 11 Feb 2018 11:48:23 +0100 tor (0.3.3.1-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Thu, 25 Jan 2018 21:20:15 +0100 tor (0.3.2.9-1) unstable; urgency=medium * New upstream version, upload 0.3.2.x tree to unstable. -- Peter Palfrader Tue, 16 Jan 2018 10:49:46 +0100 tor (0.3.2.8-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 21 Dec 2017 20:55:48 +0100 tor (0.3.2.7-rc-1) experimental; urgency=medium * New upstream version. * Stop suggesting obfsproxy -- long obsolete; closes: #884369. -- Peter Palfrader Thu, 14 Dec 2017 20:00:51 +0100 tor (0.3.2.6-alpha-1) experimental; urgency=medium * New upstream version, including among others: - Fix a denial of service bug where an attacker could use a malformed directory object to cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal. (Tor instances run without a terminal, which is the case for most Tor packages, are not impacted.) Fixes bug 24246; bugfix on every version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. - Fix a denial of service issue where an attacker could crash a directory authority using a malformed router descriptor. Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 and CVE-2017-8820. - When checking for replays in the INTRODUCE1 cell data for a (legacy) onion service, correctly detect replays in the RSA- encrypted part of the cell. We were previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor's legacy hybrid encryption. This fix helps prevent a traffic confirmation attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 and CVE-2017-8819. - Fix a use-after-free error that could crash v2 Tor onion services when they failed to open circuits while expiring introduction points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is also tracked as TROVE-2017-013 and CVE-2017-8823. - When running as a relay, make sure that we never build a path through ourselves, even in the case where we have somehow lost the version of our descriptor appearing in the consensus. Fixes part of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. - When running as a relay, make sure that we never choose ourselves as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. -- Peter Palfrader Fri, 01 Dec 2017 23:30:27 +0100 tor (0.3.2.5-alpha-1) experimental; urgency=medium * New upstream version. * Build-depend on libcap-dev on linux-any so we can build tor with capabilities support to retain the capability to bind to low ports; closes: #882281, #700179. -- Peter Palfrader Wed, 22 Nov 2017 15:59:58 +0100 tor (0.3.2.4-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 09 Nov 2017 15:26:08 +0100 tor (0.3.2.3-alpha-2) experimental; urgency=medium * Recent linux packages in Debian have enabled the apparmor Linux-Security-Module by default. Therefore, users are likely to have apparmor support not only built into their kernel but also actively enabled at runtime. Unfortunately, without the apparmor package being installed, systemd's AppArmorProfile= service setting will cause the unit to fail to start. . Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor, causing all errors while switching to the new apparmor profile to be ignored. This is not ideal, but for now it's probably the best solution. . Thanks to intrigeri; closes: #880490. -- Peter Palfrader Thu, 02 Nov 2017 21:31:27 +0100 tor (0.3.2.3-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sun, 29 Oct 2017 18:36:27 +0100 tor (0.3.2.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Tue, 03 Oct 2017 19:46:23 +0200 tor (0.3.2.1-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Wed, 20 Sep 2017 22:28:53 +0200 tor (0.3.1.7-1) unstable; urgency=medium * New upstream version, upload 0.3.1.x tree to unstable. * Build depend on liblzma-dev and libzstd-dev. -- Peter Palfrader Mon, 18 Sep 2017 23:01:50 +0200 tor (0.3.1.6-rc-1) experimental; urgency=medium * New upstream version. * Drop versioned dependency on binutils. The version is already newer in all supported Debian and Ubuntu trees, and binutils is in the transitive dependency set of build-essential. Patch by Helmut Grohne. (closes: #873127) -- Peter Palfrader Thu, 24 Aug 2017 21:11:25 +0200 tor (0.3.1.5-alpha-2) experimental; urgency=medium * apparmor: use Pix instead of PUx for obfs4proxy, giving us better confinement of the child process while actually working with systemd's NoNewPrivileges. (closes: #867342) * Do not rely on aa-exec and aa-enabled being in /usr/sbin in the SysV init script. This change enables apparmor confinement on some system-V systems again. (closes: #869153) -- Peter Palfrader Sat, 19 Aug 2017 10:21:30 +0200 tor (0.3.1.5-alpha-1) experimental; urgency=medium * New upstream version. * Update apparmor profile: replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH to match the systemd capability bounding set changed with 0.3.0.4-rc-1. This change will allow tor to start again under apparmor if hidden services are configured. Patch by intrigeri. (closes: #862993) * Remove tor-dbg binary package. Nowadays Debian's toolchain automatically builds packages containing debugging symbols. The new tor-dbgsym package will end up in the debian-debug archive. This tor-dbgsym package will Replace/Break tor-dbg versions prior to 0.3.1.5-alpha for now, but as we keep providing backported builds for older suites, and since those keep the tor-dbg package for now, we'll likely keep increasing this version in future releases. (closes: #867547) * The dbgsym migration options require debhelper >= 9.20160114; update build dependency list accordingly. -- Peter Palfrader Sun, 06 Aug 2017 20:57:47 +0200 tor (0.3.1.4-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Sun, 02 Jul 2017 10:46:56 +0200 tor (0.3.0.9-1) unstable; urgency=medium * New upstream version, upload 0.3.0.x tree to unstable. - Fixes TROVE-2017-006: Regression in guard family avoidance (closes: #866799; CVE-2017-0377). * Remove debian/README.{polipo,privoxy} as using them is not recommended. (Torbrowser is the better option for users browsing the web.) -- Peter Palfrader Sun, 02 Jul 2017 00:53:02 +0200 tor (0.3.0.8-1) experimental; urgency=medium * New upstream version. - Fix a remotely triggerable assertion failure when a hidden service handles a malformed BEGIN cell. Fixes bug 22493, tracked as TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha. - Fix a remotely triggerable assertion failure caused by receiving a BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix on 0.2.2.1-alpha. (closes: #864424) -- Peter Palfrader Thu, 08 Jun 2017 21:42:54 +0200 tor (0.3.0.7-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 18 May 2017 18:36:40 +0200 tor (0.3.0.5-rc-1) experimental; urgency=medium * New upstream version. - Run the entry_guard_parse_from_state_full() test with the time set to a specific date. (closes: #858534). -- Peter Palfrader Sat, 08 Apr 2017 10:57:39 +0200 tor (0.3.0.4-rc-1) experimental; urgency=medium * New upstream version. * Replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH in systemd's service capability bounding set. Read access is sufficient for Tor (as root on startup) to check its onion service directories (see #847598). * Change default log target to syslog. We still keep /var/log/tor and the logrotation configuration around in case the admin prefers normal log files. Also update README.Debian accordingly. (closes: #852716). -- Peter Palfrader Sat, 04 Mar 2017 10:29:57 +0100 tor (0.3.0.3-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Sat, 04 Feb 2017 18:10:56 +0100 tor (0.3.0.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 23 Jan 2017 17:18:27 +0100 tor (0.3.0.1-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Sun, 25 Dec 2016 19:48:12 +0100 tor (0.2.9.8-2) unstable; urgency=medium * Actually target unstable. -- Peter Palfrader Mon, 19 Dec 2016 22:21:05 +0100 tor (0.2.9.8-1) experimental; urgency=medium * New upstream version, upload 0.2.9.x tree to unstable. * Add a comment to tor@.service explaining why we cannot limit to /var/lib/tor-instances/ but only to /var/lib/tor-instances -- systemd does not do instance expansion in ReadWriteDirectories lines -- cf. #781730. * Update README.Debian to mention a good location to put onion service UNIX sockets. Note that neither systemd nor apparmor limits access to them -- cf. #846275. * Use -Z (Apply SE-Linux labels) to install when creating instance datadirs in tor-instance-create. -- Peter Palfrader Mon, 19 Dec 2016 15:53:38 +0100 tor (0.2.9.7-rc-1) experimental; urgency=medium * New upstream version. * Remove CAP_CHOWN, CAP_FOWNER from the systemd service files' CapabilityBoundingSet. We may no longer need them. The upstream changelog says that Tor changed some logic with 0.2.8.1-alpha that made CAP_CHOWN CAP_FOWNER no longer needed. CAP_DAC_OVERRIDE is still needed: Tor checks properties of hidden service directories as root before changing its UID to debian-tor, and those trees are owned by debian-tor and go-rwx (see #847598). -- Peter Palfrader Mon, 12 Dec 2016 17:06:28 +0100 tor (0.2.9.6-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 02 Dec 2016 17:53:00 +0100 tor (0.2.9.5-alpha-1) experimental; urgency=medium * New upstream version. * Raise Standards-Version to 3.9.8 - no changes needed. * Use command -v $foo instead of [ -x /sbin/$foo ] in maintainer script. -- Peter Palfrader Tue, 08 Nov 2016 13:36:16 +0100 tor (0.2.9.4-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 17 Oct 2016 22:20:31 +0200 tor (0.2.9.3-alpha-1) experimental; urgency=medium [ Peter Palfrader ] * New upstream version. [ Iain R. Learmonth ] * Removes dependency on hardening-wrapper, and build-depend on version >= 9 of debhelper instead so we can enable harding via DEB_BUILD_MAINT_OPTIONS (closes: #836762). -- Peter Palfrader Fri, 23 Sep 2016 23:49:01 +0200 tor (0.2.9.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 25 Aug 2016 09:40:38 +0200 tor (0.2.9.1-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Wed, 17 Aug 2016 21:05:37 +0200 tor (0.2.8.6-3) unstable; urgency=medium * Raise TimeoutStartSec from 120 to 300 secs for slower systems. * tor-instance-create and tor-instance-create.8.txt: fix some typos. -- Peter Palfrader Wed, 17 Aug 2016 17:16:22 +0200 tor (0.2.8.6-2) unstable; urgency=medium * Update the system V init script to create /var/run/tor with mode 02755 also. This matches the systemd service file. * No longer create /var/run/tor in postinst -- it is created when services start. * apparmor policy: let tor read /var/lib/tor/** (without it being the owner of these files) -- Peter Palfrader Thu, 04 Aug 2016 20:27:55 +0200 tor (0.2.8.6-1) unstable; urgency=medium * New upstream version, upload 0.2.8.x tree to unstable. -- Peter Palfrader Tue, 02 Aug 2016 18:07:21 +0200 tor (0.2.8.5-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 11 Jul 2016 14:33:45 +0200 tor (0.2.8.4-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Wed, 15 Jun 2016 19:59:31 +0200 tor (0.2.8.3-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Wed, 01 Jun 2016 21:29:15 +0200 tor (0.2.8.2-alpha-1) experimental; urgency=medium * New upstream version. * apparmor profile: Allow reading of /var/lib/tor to the process. This is required by new tor versions (closes: Tor#18370). * Set SocksPort unix:/var/run/tor/socks and 9050 in the defaults file (closes: #797335). - For non-default instances, use /var/run/tor-instances/@@NAME@@/socks. - Make /var/run/tor mode 755 (from 750). Same for the instance run directories. - Use the RelaxDirModeCheck option for the control unix domain socket so that works. - tor-instance-create: in the torrc we create, append to the SocksPort list using + instead of overriding what is configured in the defaults file. - apparmor: allow reading of {/var,}/run/tor, and writing of {/var,}/run/tor/socks. -- Peter Palfrader Sat, 23 Apr 2016 11:23:40 +0200 tor (0.2.8.1-alpha-1) experimental; urgency=medium * New upstream tree. * Drop 20-upstream-syslog-identity as it is included upstream (cf. upstream bug #17194). -- Peter Palfrader Fri, 05 Feb 2016 15:50:51 +0100 tor (0.2.7.6-2) unstable; urgency=medium * Don't override override_dh_install, instead override override_dh_install-arch to get the extra bits we like installed and moved around in the tor binary package. This makes arch-all only builds work (closes: #806661). -- Peter Palfrader Wed, 16 Dec 2015 14:19:50 +0100 tor (0.2.7.6-1) unstable; urgency=high * New upstream version. - Actually look at the Guard flag when selecting a new directory guard. * Actually install tor-instance-create.8 manpage. * Change the apparmor profile tor allow Tor to access the systemd notification socket. Thanks to regar42. Closes Tor#17693. * tor-instance-create: Do systemctl daemon-reload *after* writing the new torrc. -- Peter Palfrader Thu, 10 Dec 2015 21:48:34 +0100 tor (0.2.7.5-1) unstable; urgency=medium * New upstream version, upload 0.2.7.x tree to unstable. -- Peter Palfrader Fri, 20 Nov 2015 16:37:29 +0100 tor (0.2.7.4-rc-1) experimental; urgency=medium * New upstream version. * Include identity tag for syslog logging feature from master. This is bug#17194 upstream. * Support multiple instances (closes: #791393). * Split systemd service timeout into start and stop timeout, and raise them to 120 and 60 seconds from 45 (closes: tor#16398). * Enable apparmor support for the default tor service (re: #761404). Apparmor is not yet being enabled for any other tor instance. -- Peter Palfrader Thu, 22 Oct 2015 16:09:01 +0200 tor (0.2.7.3-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 25 Sep 2015 16:08:26 +0200 tor (0.2.7.2-alpha-1) experimental; urgency=medium * New upstream tree. -- Peter Palfrader Mon, 27 Jul 2015 20:49:14 +0200 tor (0.2.6.10-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Mon, 13 Jul 2015 18:05:34 +0200 tor (0.2.6.9-1) unstable; urgency=medium * New upstream version. * Drop do-not-require-systemd and fix-sandbox-use-with-systemd.-bug-16212 patches as they are included upstream now. -- Peter Palfrader Fri, 12 Jun 2015 22:01:42 +0200 tor (0.2.6.8-5) unstable; urgency=medium * Sandboxing, when enabled, would prevent tor from working when started from systemd, as tor wasn't allowed to create a UNIX datagram socket. Include that patch from upstream's git. -- Peter Palfrader Sat, 30 May 2015 16:44:27 +0200 tor (0.2.6.8-4) unstable; urgency=medium * Remove whitespace around = in the systemd service file. Apparently the spaces confuse deb-systemd-helper, which then resulted in Tor not being automatically started on boot (see #786418). * Remove obsolete After=syslog.target from systemd service file. -- Peter Palfrader Mon, 25 May 2015 22:02:39 +0200 tor (0.2.6.8-3) unstable; urgency=low * debian/rules: Change order of --with commands to dh to ensure that we patch before calling autoreconf. -- Peter Palfrader Sun, 24 May 2015 08:58:18 +0200 tor (0.2.6.8-2) unstable; urgency=low * debian/control: Depend on dh-systemd, libsystemd-dev, and pkg-config only on linux-any. * debian/rules: Build with systemd only if DEB_HOST_ARCH_OS is linux. * patch upstream's configure.ac to check for the existance of libsystemd rather than systemd. -- Peter Palfrader Sat, 23 May 2015 16:28:30 +0200 tor (0.2.6.8-1) unstable; urgency=medium * New upstream version, upload 0.2.6.x tree to unstable. * Ship a systemd .service file (closes: #761403). Thanks to intrigeri and Arto Jantunen. - Build depend on dh-systemd, libsystemd-dev, pkg-config. - Build with --enable-systemd. * Autoreconf on build (closes: #783729). - Build depend on dh-autoreconf. -- Peter Palfrader Sat, 23 May 2015 09:57:44 +0200 tor (0.2.6.7-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 06 Apr 2015 17:17:44 +0200 tor (0.2.6.6-1) experimental; urgency=medium * New upstream version. * Stick to experimental for now to keep unstable open as a track to jessie. -- Peter Palfrader Tue, 24 Mar 2015 21:56:04 +0100 tor (0.2.6.5-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 19 Mar 2015 14:55:37 +0100 tor (0.2.6.4-rc-1) experimental; urgency=medium * New upstream version. * Build with --enable-gcc-warnings-advisory. -- Peter Palfrader Mon, 23 Feb 2015 18:39:37 +0100 tor (0.2.6.3-alpha-1) experimental; urgency=medium * New upstream version. * [intrigeri] + apparmor policy: Allow execution of /usr/bin/obfs4proxy (closes: #777592). * Run restorecon on /var/lib/tor /var/run/tor /var/log/tor in postinst (closes: #776352). * Suggests cleanup: + Stop suggesting xul-ext-torbutton, suggest torbrowser-launcher instead. + Stop suggesting polipo (>= 1) | privoxy - those are no longer considered good means to browser the web with Tor. + Suggest obfs4proxy in addition to obfsproxy. -- Peter Palfrader Fri, 20 Feb 2015 11:34:40 +0100 tor (0.2.6.2-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Thu, 01 Jan 2015 16:15:59 +0100 tor (0.2.6.1-alpha-1) experimental; urgency=medium * New upstream version. * New upstream tree in experimental: 0.2.6.x. -- Peter Palfrader Thu, 06 Nov 2014 15:40:23 +0100 tor (0.2.5.10-1) unstable; urgency=medium * New upstream version. * Use "service tor reload", guarded by "service tor status" in logrotate instead as suggested by Dirk Griesbach (closes: #765407). -- Peter Palfrader Fri, 24 Oct 2014 16:05:28 +0200 tor (0.2.5.9-rc-1) unstable; urgency=medium * New upstream version. - Disabled SSLv3 unconditionally. As a by-product, this means that we no longer die in SSLv3 cleanup code in what is likely an openssl bug introduced in 1.0.1j (closes: 765968). * logrotate script: call invoke-rc.d tor reload instead of /etc/init.d/tor reload. This way, if tor is properly disabled, we will not try to reload tor. (closes: #765407). -- Peter Palfrader Mon, 20 Oct 2014 21:01:01 +0200 tor (0.2.5.8-rc-1) unstable; urgency=medium * New upstream version. Upload to unstable. -- Peter Palfrader Tue, 23 Sep 2014 11:06:10 +0200 tor (0.2.5.7-rc-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Fri, 12 Sep 2014 16:56:10 +0200 tor (0.2.5.6-alpha-1) experimental; urgency=medium * New upstream version. -- Peter Palfrader Mon, 28 Jul 2014 22:41:37 +0200 tor (0.2.5.5-alpha-1) experimental; urgency=low * New upstream version. * upstream contrib/ directory cleanup, requires adapting paths in tor.docs and tor.install: - torify moved to contrib/client-tools/ - tor-exit-notice.html moved to contrib/operator-tools/ * Restrict build dependency on libseccomp-dev to amd64 and i386 only. Build-Conflict with it on the other archs. -- Peter Palfrader Thu, 19 Jun 2014 08:06:11 +0200 tor (0.2.5.4-alpha-1) experimental; urgency=low * New upstream version. * Build depend on libseccomp-dev. -- Peter Palfrader Sat, 26 Apr 2014 09:01:00 +0200 tor (0.2.5.3-alpha-1) experimental; urgency=low * New upstream version. * Add obfsproxy to suggests. * Apparmor policy: Allow executing /usr/bin/obfsproxy - thanks to intrigeri for the patch (closes: #739279). -- Peter Palfrader Sun, 23 Mar 2014 07:39:17 +0100 tor (0.2.5.2-alpha-1) experimental; urgency=low * New upstream version. * From 0.2.4.20-1: + init script: make /var/log/tor if it does not exist anymore (closes: #732572). -- Peter Palfrader Thu, 13 Feb 2014 23:44:03 +0100 tor (0.2.5.1-alpha-1) experimental; urgency=low * New upstream tree, new upstream version. * Current alpha no longer /builds/ contrib/torify, it just ships it. Adapt debian/tor.install to get it from contrib/torify instead of build/contrib/torify. -- Peter Palfrader Tue, 01 Oct 2013 20:28:59 +0200 tor (0.2.4.17-rc-2) UNRELEASED; urgency=low * Re-add a few 'exit 1' statements on errors that got lost while updating the init script to fancy LSB style output (closes: #722153). * Mention the DisableDebuggerAttachment setting next to the ulimit -c line in /etc/default/tor (closes: #723801). -- Peter Palfrader Sun, 08 Sep 2013 16:49:04 +0200 tor (0.2.4.17-rc-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Thu, 05 Sep 2013 15:00:08 +0200 tor (0.2.4.16-rc-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sun, 11 Aug 2013 00:31:17 +0200 tor (0.2.4.15-rc-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Wed, 03 Jul 2013 20:58:53 +0200 tor (0.2.4.14-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 18 Jun 2013 22:21:36 +0200 tor (0.2.4.13-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 17 Jun 2013 12:18:16 +0200 tor (0.2.4.12-alpha-2) experimental; urgency=low * No longer change tor manpage to be in section 8. * No longer move tor from usr/bin to /usr/sbin after make install. We now install tor into the same place as upstream. Having it in the default user path makes it easier for users who want to run tor themselves. * Install a compatibility symlink in /usr/sbin. * Change relation form from (< version) to (<< version) in the tor-geoip package. * Update debian/watch file. * Clean up old /etc/tor/tor-tsocks.conf conffile (closes: #705785). This requires debhelper >= 8.1.0~, adapt build-dependency accordingly. -- Peter Palfrader Wed, 08 May 2013 18:03:36 +0200 tor (0.2.4.12-alpha-1) experimental; urgency=low * New upstream version. * Forward port 03_tor_manpage_in_section_8.dpatch: torify.1 no longer references tsocks. * No longer install contrib/tor-tsocks.conf - it was dropped upstream. * Update year in debian/copyright. -- Peter Palfrader Thu, 18 Apr 2013 16:04:29 +0200 tor (0.2.4.11-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 11 Mar 2013 22:46:51 +0100 tor (0.2.4.10-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 05 Feb 2013 00:08:36 +0100 tor (0.2.4.9-alpha-1) experimental; urgency=low * New upstream version. * Build-Conflict with libnacl-dev so that we don't pull it in accidentally. For now Tor doesn't manage to use it on at least amd64 anyway, but that may change. We should review this decision once we know how things work and where we want to use nacl. * Move the geoip6 file to the tor-geoip package (spotted by George Kargiotakis) * add appropriate Replaces and Breaks to the tor-geoip package for tor < 0.2.4.8 since we moved a file to tor-geoip. * If $DAEMON $VERIFY_ARGS fails, call use the same arguments for finding the errors and not $DAEMON --verify-config. -- Peter Palfrader Wed, 16 Jan 2013 11:05:43 +0100 tor (0.2.4.7-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 25 Dec 2012 21:23:49 +0100 tor (0.2.4.6-alpha-1) experimental; urgency=low * New upstream version. * Update debian/copyright file somewhat. -- Peter Palfrader Tue, 13 Nov 2012 11:28:25 +0100 tor (0.2.4.5-alpha-1) experimental; urgency=high * New upstream version: - Fix a group of remotely triggerable assertion failures related to incorrect link protocol negotiation. Found, diagnosed, and fixed by "some guy from France". Fix for CVE-2012-2250; bugfix on 0.2.3.6-alpha. - Fix a denial of service attack by which any directory authority could crash all the others, or by which a single v2 directory authority could crash everybody downloading v2 directory information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. - and more. -- Peter Palfrader Fri, 26 Oct 2012 09:17:33 +0200 tor (0.2.4.4-alpha-1) experimental; urgency=low * New upstream version. o Major bugfixes (security/privacy, also in 0.2.3.23-rc): - Disable TLS session tickets. OpenSSL's implementation was giving our TLS session keys the lifetime of our TLS context objects, when perfect forward secrecy would want us to discard anything that could decrypt a link connection as soon as the link connection was closed. Fixes bug 7139; bugfix on all versions of Tor linked against OpenSSL 1.0.0 or later. Found by Florent Daignière. - Discard extraneous renegotiation attempts once the V3 link protocol has been initiated. Failure to do so left us open to a remotely triggerable assertion failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by "some guy from France". o And more. For details please see the upstream changelog. * Add debian/source.lintian-overrides for rc-version-greater-than-expected-version, similar to what we have for the binary packages. -- Peter Palfrader Mon, 22 Oct 2012 11:52:48 +0200 tor (0.2.4.3-alpha-1) experimental; urgency=low * New upstream version. * Remove debian/patches/02_add_debian_files_in_manpage which hasn't been enabled for over five years now. * Update and fix a minor whitespace issue in debian/patches/14_fix_geoip_warning. * remove obsolete debian/TODO file. * Use dh_lintian to install the override file for tor-geoipdb. Requires changing debhelper build dependency to >= 6 from >= 5, and renaming debian/tor-geoipdb.lintian-override to tor-geoipdb.lintian-overrides. * Use dh_link to create the /usr/share/doc/tor-dbg -> tor symlink in tor-dbg. Also call dh_link before dh_install*, so that nothing creates a /usr/share/doc/tor-dbg directory. * No longer call dh_link with arguments to create the /usr/share/man/man5/torrc.5 -> ../man8/tor.8 symlink in the tor package, instead create and populate debian/tor.links accordingly. * Call configure with --disable-silent-rules, so we actually see what the build did in a log. * Try to patch upstream's documenation build system so it does what we want rather than duplicating parts of it in debian/rules. This will fix a bug where we would end up with empty .html documentation if building from the source source tree more than once. * Upstream no longer installs /usr/bin/tor-control.py, so no need to remove it in debian/rules. * No longer try to symlink the changelogs for tor-geoipdb from the tor package. Frist, this has been broken as dh_installchangelogs stomps all over our symlinks. Second, the tor and tor-geoipdb package may be of different versions, so a symlink is probably the wrong thing in the first place. * Add lintian overrides for all three binary packages for rc-version-greater-than-expected-version. Tor's version scheme is sane. -- Peter Palfrader Sat, 22 Sep 2012 12:31:29 +0200 tor (0.2.4.2-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 11 Sep 2012 08:45:17 +0200 tor (0.2.4.1-alpha-1) experimental; urgency=low [ Peter Palfrader ] * New upstream version (starts 0.2.4.x tree). * Forward port debian/patches/03_tor_manpage_in_section_8. [ Stefano Zacchiroli ] * README.privoxy, README.polipo: explicitly set socks type to socks5. -- Peter Palfrader Sat, 08 Sep 2012 13:12:54 +0200 tor (0.2.3.21-rc-1) unstable; urgency=low * New upstream version, changes including: - Tear down the circuit if we get an unexpected SENDME cell. Clients could use this trick to make their circuits receive cells faster than our flow control would have allowed, or to gum up the network, or possibly to do targeted memory denial-of-service attacks on entry nodes. - Reject any attempt to extend to an internal address. Without this fix, a router could be used to probe addresses on an internal network to see whether they were accepting connections. - Do not crash when comparing an address with port value 0 to an address policy. For details please see the upstream changelog. -- Peter Palfrader Fri, 07 Sep 2012 12:25:17 +0200 tor (0.2.3.20-rc-1) unstable; urgency=low * New upstream version, including a couple security fixes: - Avoid read-from-freed-memory and double-free bugs that could occur when a DNS request fails while launching it. Fixes bug 6480. - Avoid an uninitialized memory read when reading a vote or consensus document that has an unrecognized flavor name. This read could lead to a remote crash bug. Fixes bug 6530. - Try to leak less information about what relays a client is choosing to a side-channel attacker. * Suggest the tor-arm controller. * Improve long descriptions with Roger's help. * Use https:// instead of git:// for the Vcs-Git URL. -- Peter Palfrader Tue, 07 Aug 2012 23:13:18 +0200 tor (0.2.3.19-rc-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Sat, 07 Jul 2012 12:15:49 +0200 tor (0.2.3.18-rc-1) unstable; urgency=low * New upstream version. * Remove debian/patches/15_longer_test_timeout - something similar has been incorporated upstream (Re: Tor#6227). * Re-enable apparmor, if available: Instead of confining /usr/sbin/tor by default, we now only confine the daemon that is launched from the init script. We do this by calling aa-exec with the appropriate flags, if it is installed. Therefore also suggest apparmor-utils. -- Peter Palfrader Fri, 29 Jun 2012 12:03:30 +0200 tor (0.2.3.17-beta-3) unstable; urgency=low * Apply the correct SE-Linux label to /var/run/tor when creating the directory in the init script (closes: #678362). Thanks to Russell Coker. * Hack up the unit tests to wait longer for the thread test to finish. This is not a real fix, but it will probably make it more likely that we successfully build on our mips/octeon machines (Re: Tor#6227). -- Peter Palfrader Sun, 24 Jun 2012 16:13:35 +0200 tor (0.2.3.17-beta-2) unstable; urgency=low * Shipping and enabling the apparmor policy by default causes Tor to break for users who have apparmor enabled in enforcind mode and that, either in addition to or instead of running Tor as a system service (i.e. /etc/init.d/tor), also run Tor as their user or in some other means like launched from vidalia. Therefore: . - No longer install apparmor policy by default. It can be found in /usr/share/doc/tor if anybody is interested. - No longer build-depend on dh-apparmor, or suggest apparmor. - Also, clean up and remove old /etc/apparmor.d/usr.sbin.tor files on upgrade if they have not been changed by the user. . These changes relate to Debian Bug #670525 and fixes Tor ticket #6188. -- Peter Palfrader Mon, 18 Jun 2012 14:21:36 +0200 tor (0.2.3.17-beta-1) unstable; urgency=low * New upstream version. * apparmor policy: - allow access to /var/log/tor/* and not just /var/log/tor/log*, * No longer create /var/run/tor in postint if it does not exist - the init script should take care of that. * Change the output of the init script to use lsb* functions: - Depend on lsb-base. - Makes the output pretty (closes: #676843) * Also, in the init script we are now less verbose, unless VERBOSE is set to yes in /etc/default/rcS (see the rcS(5) manual page): - pass --hush to tor on startup, so only warnings and errors are displayed, hiding any notice level log output, - do not report raising ulimit -n. -- Peter Palfrader Fri, 15 Jun 2012 15:26:38 +0200 tor (0.2.3.16-alpha-1) experimental; urgency=medium * New upstream version. - Work around a bug in OpenSSL that broke renegotiation with TLS 1.1 and TLS 1.2. Without this workaround, all attempts to speak the v2 Tor connection protocol when both sides were using OpenSSL 1.0.1 would fail. Resolves ticket 6033. - and more - please consult upstream changelog. * Include apparmor profile. Thanks to intrigeri (closes: #670525). -- Peter Palfrader Wed, 06 Jun 2012 11:09:59 +0200 tor (0.2.3.15-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 30 Apr 2012 23:18:41 +0200 tor (0.2.3.14-alpha-1) experimental; urgency=low * New upstream version. - No longer need backported 45ace4844b020cb754d3bb65f1021bfeb5115f9e from master to fix a test suite stack overflow. * torify now no longer can use tsocks. Change recommends from torsocks | tsocks to just torsocks. -- Peter Palfrader Tue, 24 Apr 2012 08:34:05 +0200 tor (0.2.3.13-alpha-1) experimental; urgency=low * New upstream version. * When creating the debian-tor user that tor runs at, create it with a shell of /bin/false instead of /bin/bash. Does not change shells of existing users (closes: #658358). * Include 45ace4844b020cb754d3bb65f1021bfeb5115f9e from master to fix a test suite stack overflow, just introduced. -- Peter Palfrader Tue, 27 Mar 2012 14:12:37 +0200 tor (0.2.3.12-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 13 Feb 2012 19:09:58 +0100 tor (0.2.3.11-alpha-2) experimental; urgency=low * init script: use the new defaults torrc file also for when we try to check our configuration (tor --verify-config) prior to starting tor. (Might close TorBug#4954.) -- Peter Palfrader Wed, 25 Jan 2012 22:52:03 +0100 tor (0.2.3.11-alpha-1) experimental; urgency=low * New upstream version. * No longer patch Tor to set DataDirectory, RunAsDaemon etc. when run as root or debian-tor. Instead ship with a file setting all these options in /usr/share/tor/tor-service-defaults-torrc and cause our init-script to pass --defaults-torrc to the tor started by that script. * No longer fail postinst when the init script fails to restart tor. Patch provided by Carl Fuerstenberg (closes: #652884). -- Peter Palfrader Mon, 23 Jan 2012 14:50:16 +0100 tor (0.2.3.10-alpha-1) experimental; urgency=high * New upstream version, fixing a heap overflow bug related to Tor's SOCKS code (CVE-2011-2778). -- Peter Palfrader Thu, 15 Dec 2011 21:29:00 +0100 tor (0.2.3.9-alpha-1) experimental; urgency=low * New upstream version. * There no longer is a document called INSTALL to copy to usr/share/docs/tor, so get rid of the lintian override. Since that was the only one in the tor package get rid of installing overrides for the tor package entirely - there's still one override in tor-geoipdb (closes Tor #4576). -- Peter Palfrader Thu, 08 Dec 2011 22:30:31 +0100 tor (0.2.3.8-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Wed, 23 Nov 2011 12:38:51 +0100 tor (0.2.3.7-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 31 Oct 2011 00:06:14 +0100 tor (0.2.3.6-alpha-1) experimental; urgency=high * New upstream version, fixing a couple of security relevant bugs such as guard enumeration (CVE-2011-2768) and bridge enumeration (CVE-2011-2769) issues. For details consult the upstream changelog. -- Peter Palfrader Thu, 27 Oct 2011 15:59:44 +0200 tor (0.2.3.5-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Thu, 29 Sep 2011 09:38:34 +0200 tor (0.2.3.4-alpha-1) experimental; urgency=low * New upstream version. * Make patches/06_add_compile_time_defaults build without compiler warnings: - use config_find_option_mutable() instead of config_find_option() if we're going to mess with the return value, - Correctly declare functions as having no arguments instead of not telling the compiler which arguments it'll have. * Suggest tor-arm (closes: #640265). * Downgrade socat and polipo|privoxy to Suggests (closes: #640264). -- Peter Palfrader Wed, 14 Sep 2011 09:00:30 +0200 tor (0.2.3.3-alpha-1) experimental; urgency=low * New upstream version. * Upload to experimental now that 0.2.2.x is out of rc and was uploaded to unstable. * Merged from debian-0.2.2: 0.2.2.29-beta-1 - The postinst script changes /var/run/tor to mode 02750 if it exists, but the tor init script creates it with mode 02700 if it doesn't. Change the init script to also create the directory with a group writeable mode, the same as the postinst maintainer script, i.e. 02750. . This will allow users in the debian-tor group to access the control socket (re: #552556). - Enable Control Socket by default. It lives in /var/run/tor/ (closes: #552556). * Update context in patches/06_add_compile_time_defaults. * Forward port patches/07_log_to_file_by_default. -- Peter Palfrader Sat, 03 Sep 2011 13:32:18 +0200 tor (0.2.3.1-alpha-1) tor-0.2.3.x; urgency=low * New upstream version. * Forward port debian/patches/14_fix_geoip_warning. -- Peter Palfrader Fri, 06 May 2011 17:08:03 +0200 tor (0.2.2.25-alpha-1) experimental; urgency=low * New upstream version. * Add Vcs-* control fields. Patch by intrigeri@boum.org (closes: #623316). * Update mailinglist archive URLs in package description. Patch by intrigeri@boum.org (closes: #623318). -- Peter Palfrader Sun, 01 May 2011 19:48:24 +0200 tor (0.2.2.24-alpha-1) experimental; urgency=low * New upstream version. * Forward port missing changes from the 0.2.1.x tree: - Add ${misc:Depends} for all three binary packages because debhelper might want to add stuff [tor 0.2.1.26-1]. - tor.postinst: Stop calling stat(1) with its full path [tor 0.2.1.26-1]. - No longer set ulimit -c to unlimited: Up until now the init script (or actually /etc/default/tor) raised the ulimit for coredumps to unlimited, so that Tor would produce coredumps on assert errors or segfaults. Coredumps however can leak sensitive information, like cryptographic session keys and clients' data should the core files get into the wrong hands. As such it seems prudent to only enable coredumps if the user or operator explicitly asks for them, and knows what to do with them. [tor 0.2.1.26-2] - Also include a cron.weekly job that removes old coredumps from /var/lib/tor. This action can be disabled in /etc/default/tor. [tor 0.2.1.26-2] - Make sure the cronjob does not try to access a /var/lib/tor that has already been removed (due to for instance package removal). Thanks to Holger and piuparts for catching this. [tor 0.2.1.26-3] -- Peter Palfrader Sun, 10 Apr 2011 19:08:27 +0200 tor (0.2.2.23-alpha-1) experimental; urgency=low * New upstream version. * The tor specification files are no longer shipped in the tarball, so /usr/share/doc/tor/spec is no more. They can be found online at . -- Peter Palfrader Wed, 09 Mar 2011 14:40:16 +0100 tor (0.2.2.22-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Wed, 26 Jan 2011 19:20:21 +0100 tor (0.2.2.21-alpha-1) experimental; urgency=high * New upstream version, including several security related fixes. See upstream changelog for details. Addresses CVE-2011-0427. * Forward port patches/03_tor_manpage_in_section_8. -- Peter Palfrader Sun, 16 Jan 2011 18:40:27 +0100 tor (0.2.2.20-alpha-1) experimental; urgency=high * New upstream version. - Fix a remotely exploitable bug that could be used to crash instances of Tor remotely by overflowing on the heap. Remote-code execution hasn't been confirmed, but can't be ruled out (CVE-2010-1676). * Since the dawn of time (0.0.2pre19-1, January 2004, initial release of the debian package), the postinst script has changed ownership and permissions of various trees like /var/lib/tor, /var/run/tor, and /var/log/tor, sometimes recursively. . It turns out this actually is a security issue, so try to be more conservative when fixing up modes and only chown/chgrp /var/{lib,log,run}/tor directly, never recursively. * Remove /var/run/tor, recursively, on purge. We already do this for /var/lib/tor and /var/log/tor. -- Peter Palfrader Sat, 18 Dec 2010 13:35:26 +0100 tor (0.2.2.19-alpha-1) experimental; urgency=low * New upstream version. - remove debian/patches/15_tlsext_host_name (already included in new upstream version). -- Peter Palfrader Mon, 29 Nov 2010 13:46:10 +0100 tor (0.2.2.18-alpha-2) experimental; urgency=low * If we overwrite src/or/micro-revision.i in during build, clean it out in the clean target. * Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8 (0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198): . Do not set the tlsext_host_name extension on server SSL objects; only on client SSL objects. We set it to immitate a browser, not a vhosting server. This resolves an incompatibility with openssl 0.9.8p and openssl 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. -- Peter Palfrader Sun, 21 Nov 2010 23:39:32 +0100 tor (0.2.2.18-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 16 Nov 2010 20:01:23 +0100 tor (0.2.2.17-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Fri, 01 Oct 2010 12:33:28 +0200 tor (0.2.2.16-alpha-1) experimental; urgency=low * New upstream version. * Downgrade torsocks/tsocks dependency to a recommends. That tool is not needed if you only run a relay, or if you access Tor only using polipo or privoxy. The torify(1) wrapper that makes use of torsocks or tsocks already handles their absense and emmits a proper message telling the user what they are missing (closes: #595898). * Remove suggests of mixminion which is no longer in the archive (closes: #594207), and also of anon-proxy which appears to not have been updated in at least two years. * Add xul-ext-torbutton to suggests. -- Peter Palfrader Sat, 18 Sep 2010 19:49:23 +0200 tor (0.2.2.15-alpha-1) experimental; urgency=low * New upstream version. * Forward port 06_add_compile_time_defaults. -- Peter Palfrader Sat, 21 Aug 2010 10:39:41 +0200 tor (0.2.2.14-alpha-1) experimental; urgency=low * New upstream version. Among many other things: - New config option "WarnUnsafeSocks 0" disables the warning that occurs whenever Tor receives only an IP address instead of a hostname. Setups that do DNS locally over Tor are fine, and we shouldn't spam the logs in that case. (Closes: #497466) -- Peter Palfrader Thu, 15 Jul 2010 14:41:10 +0200 tor (0.2.2.13-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sat, 24 Apr 2010 12:12:11 +0200 tor (0.2.2.12-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 20 Apr 2010 12:23:00 +0200 tor (0.2.2.11-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sat, 17 Apr 2010 21:49:19 +0200 tor (0.2.2.10-alpha-2) experimental; urgency=low * In /etc/default/tor also source /etc/default/tor.vidalia if it exists and if vidalia is installed. We do this so that the vidalia package can override some of our settings: People who have vidalia installed might not want to run Tor as a system service. The vidalia .deb can ask them that and then set run-daemon to no. -- Peter Palfrader Sat, 03 Apr 2010 15:24:11 +0200 tor (0.2.2.10-alpha-1) experimental; urgency=low * New upstream version. * debian/rules: - make manpage building properly depend on patch-stamp, - Fix building in the absence of a debian/micro-revision.i file. -- Peter Palfrader Tue, 09 Mar 2010 14:06:48 +0100 tor (0.2.2.9-alpha-1) experimental; urgency=low * New upstream version. - We no longer need to build-depend on a recent libssl-dev because Tor now detects whether we need to explicitly turn on autonegotiation at run-time rather than compile time. Good. (This also means we no longer need to conflict with newer libssls when we built against an old one on backports.) - The manpages are now built with asciidoc. While the upstream tarball already ships with the output of asciidoc, we instead build the manpages during package build time so we can patch them. + Therefore build-depend on asciidoc (>= 8.2), docbook-xml, docbook-xsl, and xmlto. + update 03_tor_manpage_in_section_8 to patch the .txt files now. + Remove tor.1.in torify.1.in tor-gencert.1.in tor-resolve.1.in in the doc directory during clean. + And try to work around missing (and if it wasn't, broken) build-system for the manpages. + The torify.1 manpage gets installed by upstream, no longer need to do it manually in debian/rules. - The original design paper is no longer shipped with Tor. + Remove debian/hexdump-*.pdf (which we used to work around fig2dev bugs). + No longer build the paper in debian/rules, and remove it from debian/tor.docs. + No longer build-depend on texlive-base-bin, texlive-latex-base, texlive-fonts-recommended, transfig and ghostscript. - Upstream tarballs no longer ship an AUTHORS file, or the website, Removed these from debian/tor.docs. No longer shipping parts of the website also closes: #443560. - Also no longer distribute doc/TODO and doc/HACKING in the debian package. * Move from comm to section net, where it might fit slightly better (closes: #482801). * Ship contrib/tor-exit-notice.html in the tor package (put it into usr/share/doc/tor; closes: #568934). * Add stark README.polipo with the instructions from Juliusz Chroboczek. (closes: #413730) * 0.2.2.4-alpha failed to ship test.h so we had included it in the debian diff. The upstream bug has long since been fixed so we should probably stop shipping our own copy of test.h. * Finally apply Peter Eisentraut's patch for tor's init script to support status as an argument (closes: #526371). -- Peter Palfrader Sun, 28 Feb 2010 10:58:10 +0100 tor (0.2.2.8-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Fri, 29 Jan 2010 23:22:35 +0100 tor (0.2.2.7-alpha-2) experimental; urgency=low * debian/rules: Minor cleanup (use a single variable for making up our configure flags, not two). * debian/rules: Remove logic that ignores the result of unit tests if localhost does not resolve (or not to 127.0.0.1). This should no longer be necessary as our build chroots have gotten a lot better. * Depend on and enable hardening-includes for building. -- Peter Palfrader Sun, 24 Jan 2010 13:22:26 +0100 tor (0.2.2.7-alpha-1) experimental; urgency=medium * New upstream version. - Rotate keys (both v3 identity and relay identity) for moria1 and gabelmoo. [and more] -- Peter Palfrader Wed, 20 Jan 2010 19:29:08 +0100 tor (0.2.2.6-alpha-1) experimental; urgency=low * New upstream version. - Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch (part of upstream). -- Peter Palfrader Mon, 23 Nov 2009 18:52:04 +0100 tor (0.2.2.5-alpha-1) experimental; urgency=low * New upstream version. * Pick 0a58567ce3418f410cf1dd0143dd3e56b4a4bd1f from master git tree: - work with libssl that has renegotiation disabled by default. (debian/patches/0a58567c-work-with-reneg-ssl.dpatch) * Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against earlier versions we will not work once libssl gets upgraded to a version that disabled renegotiations. * Change order of recommends from privoxy | polipo to polipo | privoxy. * Allegedly echo -e is a bashism. Remove it from debian/rules, we don't need it anyways (closes: #478631). * Change the dependency on tsocks to torsocks | tsocks (see: #554717). -- Peter Palfrader Sun, 15 Nov 2009 11:04:02 +0100 tor (0.2.2.4-alpha-1) experimental; urgency=low * New upstream version. * The testsuite moved from src/or/test to src/test/test, but let's call it using "make check" now. * Upstream failed to ship src/test/test.h. Ship it in debian/ and manually copy it in place during configure and clean up in clean. Let's not use the patch system as this will most likely be rectified by next release. -- Peter Palfrader Sun, 11 Oct 2009 10:38:55 +0200 tor (0.2.2.3-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Wed, 23 Sep 2009 10:27:40 +0200 tor (0.2.2.2-alpha-1) experimental; urgency=low * New upstream version. * The files src/common/common_sha1.i src/or/or_sha1.i get changed during the build - they contain the checksums of the individual files that end up in the binary. Of couse changes only end up in the debian diff.gz after building a second time in the same directory. So, remove those files in clean to get both a cleaner diff.gz and idempotent builds. * If we have a debian/micro-revision.i, replace the one in src/or with our copy so that this will be the revision that ends up in the binary. This is an informational only version string, but it'd be kinda nice if it was (more) accurate nonetheless. . Of course this won't help if people manually patch around but it's still preferable to claiming we are exactly upstream's source. . If we are building directly out of a git tree, update debian/micro-revision.i in the clean target. -- Peter Palfrader Mon, 21 Sep 2009 14:51:20 +0200 tor (0.2.2.1-alpha-1) experimental; urgency=low * New upstream version. * Forward port patches/03_tor_manpage_in_section_8.dpatch. * Forward port patches/06_add_compile_time_defaults.dpatch. -- Peter Palfrader Thu, 03 Sep 2009 15:10:26 +0200 tor (0.2.1.19-1) unstable; urgency=low * New upstream version. - Make accessing hidden services on 0.2.1.x work right (closes: #538960). [More items are in the upstream changelog.] -- Peter Palfrader Wed, 29 Jul 2009 12:49:03 +0200 tor (0.2.1.18-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Sat, 25 Jul 2009 11:15:11 +0200 tor (0.2.1.17-rc-1) experimental; urgency=low * New upstream version. * Update upstream URL in debian/copyright. -- Peter Palfrader Mon, 13 Jul 2009 23:37:37 +0200 tor (0.2.1.16-rc-1) experimental; urgency=low * New upstream version. * No longer inform the user if/when we re-create the /var/run/tor directory in the init script. With /var/run on tmpfs this is completely normal now so our message was just noise. * Stop shipping /var/run/tor in the package. * Only clean up permissions of /var/run/tor in postinst if the directory actually exists. * Update Standards-Version from 3.8.0 to 3.8.1. No real changes required, we already support nocheck in DEB_BUILD_OPTIONS since August 2004, and we already create our var/run directory in the init script (tho we now no longer ship it either - see above). * Change debhelper compatibility version from 4 to 5: - Change dh_strip call from --dbg-package=tor to --dbg-package=tor-dbg. - Update versioned build time dependency on debhelper. * Forward port 06_add_compile_time_defaults. -- Peter Palfrader Sat, 20 Jun 2009 13:16:02 +0200 tor (0.2.1.15-rc-1) experimental; urgency=low * New upstream version. * Change build time dependency on gs to ghostscript. -- Peter Palfrader Sat, 30 May 2009 21:10:03 +0200 tor (0.2.1.14-rc-1) experimental; urgency=low * New upstream version. * Change Section of tor-dbg to debug. -- Peter Palfrader Thu, 16 Apr 2009 19:54:19 +0200 tor (0.2.1.13-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sun, 15 Mar 2009 00:58:07 +0100 tor (0.2.1.12-alpha-1) experimental; urgency=low * New upstream version, fixing several security relevant bugs: - Avoid a potential crash on exit nodes when processing malformed input. Remote DoS opportunity (closes: #514579). - Fix a temporary DoS vulnerability that could be performed by a directory mirror (closes: #514580). * patches/06_add_compile_time_defaults: Only set the User option in the config if we run as root. Do not set it when run as debian-tor as Tor then always insists on changing users which will fail. (If we run as any other user we don't set our debian defaults anyway.) -- Peter Palfrader Tue, 10 Feb 2009 00:19:53 +0100 tor (0.2.1.11-alpha-1) experimental; urgency=high * New upstream version: - Fixes a possible remote heap buffer overflow bug. - torify(1) manpage mentions DNS leaks now (closes: #495829). * README.Debian: No longer claim we change the default 'Group' setting when run as debian-user. That setting no longer exists. * Forward port 03_tor_manpage_in_section_8.dpatch. -- Peter Palfrader Wed, 21 Jan 2009 01:00:15 +0100 tor (0.2.1.10-alpha-1) experimental; urgency=low * New alpha release. * Forward port 03_tor_manpage_in_section_8.dpatch. -- Peter Palfrader Sun, 11 Jan 2009 12:06:28 +0100 tor (0.2.1.9-alpha-1) experimental; urgency=low * New alpha release. -- Peter Palfrader Fri, 26 Dec 2008 20:51:53 +0100 tor (0.2.1.8-alpha-1) experimental; urgency=low * New alpha release. -- Peter Palfrader Mon, 15 Dec 2008 23:00:32 +0100 tor (0.2.1.7-alpha-2) experimental; urgency=low * No longer set now obsolete Group setting in built-in debian config. -- Peter Palfrader Mon, 10 Nov 2008 16:28:31 +0100 tor (0.2.1.7-alpha-1) experimental; urgency=low * New alpha release. -- Peter Palfrader Mon, 10 Nov 2008 09:39:30 +0100 tor (0.2.1.6-alpha-1) experimental; urgency=low * New alpha release. * Forward port 14_fix_geoip_warning.dpatch. -- Peter Palfrader Tue, 30 Sep 2008 14:37:26 +0200 tor (0.2.1.5-alpha-1) experimental; urgency=low * New alpha release. -- Peter Palfrader Tue, 02 Sep 2008 00:18:55 +0200 tor (0.2.1.4-alpha-1) experimental; urgency=low * New alpha release. * Do not build with openbsd's malloc unless enable-openbsd-malloc is in DEB_BUILD_OPTIONS. -- Peter Palfrader Tue, 05 Aug 2008 12:33:23 +0200 tor (0.2.1.2-alpha-1) experimental; urgency=low * New alpha release. -- Peter Palfrader Wed, 16 Jul 2008 13:05:45 +0200 tor (0.2.0.30-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Wed, 16 Jul 2008 02:19:08 +0200 tor (0.2.0.29-rc-2) unstable; urgency=low * Upload to unstable. -- Peter Palfrader Tue, 15 Jul 2008 22:16:08 +0200 tor (0.2.0.29-rc-1) experimental; urgency=low * New upstream version. * Warn the admin if the number of file descriptors on his system is tiny. -- Peter Palfrader Wed, 09 Jul 2008 14:02:06 +0200 tor (0.2.0.28-rc-1) experimental; urgency=low * New upstream version. * Remove debian/patches/11_tor_as_root_more_helpful.dpatch as it is no longer needed: We now setuid() to the Tor user when run as root and it all just works. * Add comments to the dpatch headers so lintian shuts up. * Add patches/14_fix_geoip_warning: Change geoipdb open failed message. * Require unit tests to pass again. -- Peter Palfrader Fri, 13 Jun 2008 10:28:36 +0200 tor (0.2.0.27-rc-1) experimental; urgency=low * New upstream version. * Add tor-geoipdb arch: all package for the geoip database. * Update debian/rules so that there now is a binary-common target and the binary-indep and binary-arch targets call make with proper DH_OPTIONS options. This is taken from the template that dh_make nowadays uses for multi-binary packages. * Unit tests are broken, yay. * Use ${binary:Version} to depend on the right tor binary package from the tor-dbg package instead of ${Source-Version}. Some guy on the internet said the latter was deprecated. * Add Homepage: https://www.torproject.org/ field to control file. * And mention www.tp.o instead of the old tor.eff.org in the long description. * No longer ignore failure of make clean in the clean target. * Support passing of parallel= in build options. * Change declared Standards-Version to 3.8.0. -- Peter Palfrader Fri, 06 Jun 2008 01:11:33 +0200 tor (0.2.0.26-rc-1) experimental; urgency=critical * New upstream version. * Conflict with old libssls. * On upgrading from versions prior to, including, 0.1.2.19-2, or from versions later than 0.2.0 and prior to 0.2.0.26-rc do the following, and if we are a server (we have a /var/lib/tor/keys directory) - move /var/lib/tor/keys/secret_onion_key out of the way. - move /var/lib/tor/keys/secret_onion_key.old out of the way. - move /var/lib/tor/keys/secret_id_key out of the way if it was created on or after 2006-09-17, which is the day the bad libssl was uploaded to Debian unstable. * Add a NEWS file explaining this change. -- Peter Palfrader Tue, 13 May 2008 16:11:21 +0200 tor (0.2.0.24-rc-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Wed, 23 Apr 2008 02:25:22 +0200 tor (0.2.0.23-rc-1) experimental; urgency=low * New upstream version. * Mention OpenBSD_malloc_Linux.c in debian/copyright. * Add a recommends on logrotate. -- Peter Palfrader Tue, 25 Mar 2008 09:34:37 +0100 tor (0.2.0.22-rc-1) experimental; urgency=low * New upstream version. * Work around fig2dev failing to build the images on all archs (re #457568). * Build with --enable-openbsd-malloc, unless no-enable-openbsd-malloc is found in DEB_BUILD_OPTIONS. Hopefully this deals with some of the horrible memory fragmentation that glibc's malloc causes. -- Peter Palfrader Wed, 19 Mar 2008 08:03:47 +0100 tor (0.2.0.21-rc-1) experimental; urgency=low * New upstream version. * Run --verify-config before start/reload/restart as root. No longer su - to debian-tor tor run it. Given that we now even start Tor as root (it setuids later on) this should be fine (closes: #468566). -- Peter Palfrader Mon, 3 Mar 2008 13:36:59 +0100 tor (0.2.0.20-rc-1) experimental; urgency=low * New upstream version. * Change the default for MAX_FILEDESCRIPTORS in our init script to depend on the number of system-wide available file descriptors: /proc/sys/fs/file-max is bigger than 80k, set ulimit -n to 32k, if it's greater than 40k set the limit to 16k, and when greater than 10k our limit shall be 8k descriptors. If there are less than 20k FDs in the entire system default to a limit of only 1024. Big servers at the moment regularly use more than 10k FDs, so our old default of 8k no longer is sufficient. On the other hand we don't want lower end systems to run out of FDs on Tor's account. * If we run as root also apply debian defaults. * Add User=debian-tor and Group=debian-tor to debian defaults. That allows us to start Tor as root and have it setuid/setgid to the target user. * Change the init script to start Tor as root. Now we should be able to bind to low port. -- Peter Palfrader Mon, 25 Feb 2008 13:54:58 +0100 tor (0.2.0.19-alpha-1) experimental; urgency=low * New upstream version. * It's 2008. Now is the time to add copyright statements for 2007. * Forward port 03_tor_manpage_in_section_8.dpatch. -- Peter Palfrader Sun, 10 Feb 2008 01:12:04 +0100 tor (0.2.0.18-alpha-2) experimental; urgency=low * Work around fig2dev failing to build the images on mipsel like we do on sparc and s390 (re #457568) * Fix postinst find command that chowns stuff to the right user. Find does weird things in the presence of !. -- Peter Palfrader Sun, 3 Feb 2008 18:17:16 +0100 tor (0.2.0.18-alpha-1) experimental; urgency=low * New upstream version. * postinst: Remove the check that requires the debian-tor user to have a uid between 100 and 999. There is no good reason to require this. If the local admin moves the system users/uid-space to some other range then they probably have a good reason for that. * postinst: change wording if debian-tor's homedir is wrong, do not print anything if it is ok. * postinst: We were only fixing the permissions of /var/{lib,run,log}/tor when we were not upgrading. Unfortunately the check doesn't work all that well usually in cases where the package was removed (not purged) and then later re-installed again. Now we ensure proper ownership and modes for all the directories and files below /var/{lib,run,log}/tor (the dirs themselves included) every time we run postinst. * postinst: if we reboot between unpacking and configuring on some smart systems this will mean that we just lost /var/run/tor - creating it in the maintainer script if it doesn't exist. * Create logfiles in logrotate so that they come into the world with the correct mode (o-r). -- Peter Palfrader Thu, 24 Jan 2008 15:15:32 +0100 tor (0.2.0.17-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Thu, 17 Jan 2008 21:42:25 +0100 tor (0.2.0.15-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 25 Dec 2007 08:53:25 +0100 tor (0.2.0.14-alpha-1) experimental; urgency=low * New upstream version. * Remove 13_r12907-fix-unit-tests.dpatch (Fix unit tests from HEAD) again - it's included upstream. * Work around fig2dev failing to build the images on sparc like we do on s390. -- Peter Palfrader Sun, 23 Dec 2007 13:45:41 +0100 tor (0.2.0.13-alpha-1) experimental; urgency=low * New upstream version. * Fix unit tests from HEAD (13_r12907-fix-unit-tests.dpatch). -- Peter Palfrader Fri, 21 Dec 2007 11:52:43 +0100 tor (0.2.0.12-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sun, 18 Nov 2007 11:49:06 +0100 tor (0.2.0.11-alpha-1) experimental; urgency=low * New upstream version. * remove 12_r12235_do_not_crash_when_myfamily_is_set again, it's now part of upstream. -- Peter Palfrader Thu, 15 Nov 2007 11:07:06 +0100 tor (0.2.0.9-alpha-2) experimental; urgency=low * Do not separate required lsb facilities with commas in the init script (closes: #448001). * Add 12_r12235_do_not_crash_when_myfamily_is_set.dpatch, from trunk/head. -- Peter Palfrader Sun, 28 Oct 2007 00:03:21 +0200 tor (0.2.0.9-alpha-1) experimental; urgency=low * New upstream version. * Only create pid dir if we are about to start Tor (Luca Capello, closes: #447508). -- Peter Palfrader Fri, 26 Oct 2007 14:29:56 +0200 tor (0.2.0.8-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sat, 13 Oct 2007 16:27:04 +0200 tor (0.2.0.7-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 24 Sep 2007 23:50:14 +0200 tor (0.2.0.6-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 27 Aug 2007 15:41:31 +0200 tor (0.2.0.5-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sun, 19 Aug 2007 15:10:49 +0200 tor (0.2.0.4-alpha-1) experimental; urgency=high * New upstream version. -- Peter Palfrader Thu, 2 Aug 2007 07:09:36 +0200 tor (0.2.0.3-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 31 Jul 2007 07:03:00 +0200 tor (0.2.0.2-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sun, 3 Jun 2007 02:31:29 +0200 tor (0.2.0.1-alpha-1) experimental; urgency=low * New upstream version. * Forward port 06_add_compile_time_defaults. * teTeX is no more, long live TeX Live: - remove build depends on tetex-bin, tetex-extra, - add build depends on texlive-base-bin for dvips and bibtex, texlive-latex-base for latex, and texlive-fonts-recommended for fonts like ptmr7t. -- Peter Palfrader Sat, 2 Jun 2007 14:31:15 +0200 tor (0.1.2.19-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Thu, 17 Jan 2008 20:57:42 +0100 tor (0.1.2.18-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Mon, 29 Oct 2007 20:36:38 +0100 tor (0.1.2.17-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Fri, 31 Aug 2007 03:14:33 +0200 tor (0.1.2.16-1) unstable; urgency=high * New upstream version. -- Peter Palfrader Thu, 2 Aug 2007 06:43:09 +0200 tor (0.1.2.15-1) unstable; urgency=low * New upstream version. * Change build-depends from tetex to texlive suite. -- Peter Palfrader Thu, 19 Jul 2007 22:33:43 +0200 tor (0.1.2.14-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Fri, 25 May 2007 21:49:20 +0200 tor (0.1.2.13-3) unstable; urgency=low * Always give a shell (/bin/sh) when we use su(1) in our init script (closes: #421465). -- Peter Palfrader Sun, 6 May 2007 14:44:11 +0200 tor (0.1.2.13-2) unstable; urgency=low * In options_init_from_torrc()'s error path only config_free() options if they already have been initialized (closes: #421235). -- Peter Palfrader Fri, 27 Apr 2007 13:06:37 +0200 tor (0.1.2.13-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Tue, 24 Apr 2007 21:21:10 +0200 tor (0.1.2.12-rc-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Sat, 17 Mar 2007 11:35:31 +0100 tor (0.1.2.10-rc-1) experimental; urgency=low * New upstream version. * Change recommends on privoxy to privoxy | polipo (>= 1) (closes: #413728). -- Peter Palfrader Fri, 9 Mar 2007 10:57:40 +0100 tor (0.1.2.8-beta-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 26 Feb 2007 11:50:49 +0100 tor (0.1.2.7-alpha-1) experimental; urgency=low * New upstream version. * Install all the spec files into usr/share/doc/tor/spec now. They moved to doc/spec/* from just doc/* in the source too. -- Peter Palfrader Tue, 13 Feb 2007 18:51:14 +0100 tor (0.1.2.6-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Tue, 9 Jan 2007 17:39:15 +0100 tor (0.1.2.5-alpha-1) experimental; urgency=low * New upstream version. * Disable 02_add_debian_files_in_manpage.dpatch for now. -- Peter Palfrader Sun, 7 Jan 2007 13:57:37 +0100 tor (0.1.2.4-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 4 Dec 2006 00:13:37 +0100 tor (0.1.2.3-alpha-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 30 Oct 2006 11:06:52 +0100 tor (0.1.2.2-alpha-1) experimental; urgency=low [ Peter Palfrader ] * New upstream version. [ Roger Dingledine ] * Minor update of debian/copyright. -- Peter Palfrader Tue, 10 Oct 2006 03:26:00 +0200 tor (0.1.2.1-alpha-1) experimental; urgency=low * Forward port 07_log_to_file_by_default.dpatch. * Previously our defaults for DataDirectory, PidFile, RunAsDaemon, and Log differed from upstreams. Now Tor behaves just like before (with our own DataDirectory and all) only when run as the debian-tor user. If invoked as any other user, Tor will behave just like the pristine upstream version. * Tell users about the init script when they try to run Tor as root. Should we also do this when they try to run their Tor as any other (non root, non debian-tor) user? - add 11_tor_as_root_more_helpful * Use tor --verify-config before start and reload. Abort init script with exit 1 if config does not verify. * Change Standards-Version to 3.7.2. No changes required. -- Peter Palfrader Tue, 29 Aug 2006 22:38:29 +0200 tor (0.1.1.26-1) unstable; urgency=high * New upstream version (Stop sending the HttpProxyAuthenticator string to directory servers when directory connections are tunnelled through Tor). -- Peter Palfrader Fri, 15 Dec 2006 20:24:07 +0100 tor (0.1.1.25-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Sat, 4 Nov 2006 17:16:08 +0100 tor (0.1.1.24-1) unstable; urgency=low * New upstream version. * Update debian/copyright: - tree.h has vanished somewhere along the current branch - ht.h is new and credits Christopher Clark - We didn't mention Matej Pfajfar's copyright before. * Forward port 07_log_to_file_by_default. -- Peter Palfrader Fri, 6 Oct 2006 23:32:45 +0200 tor (0.1.1.23-1) unstable; urgency=medium * New upstream version. -- Peter Palfrader Thu, 3 Aug 2006 03:13:24 +0200 tor (0.1.1.22-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Thu, 6 Jul 2006 02:55:37 +0200 tor (0.1.1.21-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Sun, 11 Jun 2006 18:27:13 +0200 tor (0.1.1.20-1) unstable; urgency=low * New upstream stable release: The 0.1.1.x tree is now the new stable tree. Upload to unstable rather than experimental. -- Peter Palfrader Tue, 23 May 2006 20:16:25 +0200 tor (0.1.1.19-rc-1) experimental; urgency=low * New upstream version. * Remove support for my nodoc DEB_BUILD_OPTIONS variable. It clutters stuff and I haven't used it in ages. * Update debian/tor.docs file. -- Peter Palfrader Fri, 5 May 2006 16:27:48 +0200 tor (0.1.1.18-rc-1) experimental; urgency=low * New upstream version. * update debian/tor.doc: - no longer ship INSTALL and README files, they are useless now. - doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html, doc/tor-hidden-service.html, doc/tor-switchproxy.html got replaced by doc/website/stylesheet.css and doc/website/tor-* which is more or less the same, only taken from the website. Some links are probably broken still, but this should get fixed eventually. -- Peter Palfrader Mon, 10 Apr 2006 12:00:50 +0200 tor (0.1.1.17-rc-1) experimental; urgency=low * New upstream version. * Forward port patches/07_log_to_file_by_default. -- Peter Palfrader Tue, 28 Mar 2006 09:48:04 +0200 tor (0.1.1.16-rc-1) experimental; urgency=low * New upstream version. -- Peter Palfrader Mon, 20 Mar 2006 02:03:29 +0100 tor (0.1.1.15-rc-1) experimental; urgency=low * New upstream version. * Apparently passing --host to configure when not cross-compiling is evil now and greatly confuses configure. So don't do it unless it actually differs from --build host. -- Peter Palfrader Sat, 11 Mar 2006 20:04:36 +0100 tor (0.1.1.14-alpha-1) experimental; urgency=low * New upstream version. * Include 0.1.0.17 changelog in experimental tree. * doc/FAQ is no longer shipped, so remove it from debian/tor.docs. -- Peter Palfrader Tue, 21 Feb 2006 05:16:21 +0100 tor (0.1.1.13-alpha-1) experimental; urgency=low * New upstream version. * Forward port patches/02_add_debian_files_in_manpage. * Forward port patches/03_tor_manpage_in_section_8. * Create /var/run/tor on init script start if it does not exist already. * Set default ulimit -n to 8k instead of 4k in /etc/default/tor. * Print that we're raising the ulimit to stdout in the init script. * Add CVE numbers to past issues in the changelog where applicable. -- Peter Palfrader Fri, 10 Feb 2006 14:38:11 +0100 tor (0.1.1.12-alpha-1) experimental; urgency=low * New upstream version, that was a quick one. :) * Forward port patches/02_add_debian_files_in_manpage. -- Peter Palfrader Thu, 12 Jan 2006 02:53:27 +0100 tor (0.1.1.11-alpha-1) experimental; urgency=low * New upstream version. - Implement "entry guards": automatically choose a handful of entry nodes and stick with them for all circuits. This will increase security dramatically against certain end-point attacks (closes: #349283, CVE-2006-0414). * Forward port patches/07_log_to_file_by_default. * Forward port 0.1.0.16 changelog and change to copyright file. -- Peter Palfrader Wed, 11 Jan 2006 12:08:25 +0100 tor (0.1.1.10-alpha-1) experimental; urgency=low * New upstream version. * doc/tor-doc.css and doc/tor-doc.html are no longer in the upstream tarball, remove them from debian/tor.docs. * add the following new files to tor.docs: doc/socks-extensions.txt, doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html -- Peter Palfrader Sun, 11 Dec 2005 14:02:41 +0100 tor (0.1.1.9-alpha-1) experimental; urgency=low * New upstream version. * Remove 08_add_newlines_between_serverdescriptors.dpatch. * Update 06_add_compile_time_defaults.dpatch * Use bin/bash for the init script instead of bin/sh. We are using ulimit -n which is not POSIX (closes: #338797). * Remove the EVENT_NOEPOLL block from etc/default/tor. * Add an ARGS block to etc/default/tor as suggested in #338425. -- Peter Palfrader Tue, 15 Nov 2005 23:29:54 +0100 tor (0.1.1.8-alpha-1) experimental; urgency=low * New upstream version. * Add patch from CVS to "Insert a newline between all router descriptors when generating (old style) signed directories, in case somebody was counting on that". r1.247 of dirserv.c, <20051008060243.85F41140808C@moria.seul.org> -- Peter Palfrader Sat, 8 Oct 2005 20:24:39 +0200 tor (0.1.1.7-alpha-1) experimental; urgency=low * New upstream version. * More merging from 0.1.0.14+XXXX: - The tor-dbg package does not really need its own copy of copyright and changelog in usr/share/doc/tor-dbg. * Forward port 03_tor_manpage_in_section_8.dpatch -- Peter Palfrader Wed, 14 Sep 2005 17:52:35 +0200 tor (0.1.1.6-alpha-2) experimental; urgency=low * Merge 0.1.0.14+XXXX changes. -- Peter Palfrader Wed, 14 Sep 2005 15:05:16 +0200 tor (0.1.1.6-alpha-1) experimental; urgency=low * Experimental upstream version. -- Peter Palfrader Sat, 10 Sep 2005 10:17:43 +0200 tor (0.1.1.5-alpha-cvs-1) UNRELEASED; urgency=low * Even more experimental cvs snapshot. * Testsuite is mandatory again. * Forward port 03_tor_manpage_in_section_8.dpatch * Forward port 06_add_compile_time_defaults.dpatch -- Peter Palfrader Fri, 9 Sep 2005 23:22:38 +0200 tor (0.1.1.5-alpha-1) UNRELEASED; urgency=low * Experimental upstream version. * Allow test suite to fail, it's broken in this version. * Update list of files from doc/ that should be installed. * Forward port debian/ patches. -- Peter Palfrader Fri, 12 Aug 2005 17:02:23 +0200 tor (0.1.0.17-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Sat, 18 Feb 2006 02:49:45 +0100 tor (0.1.0.16-1) unstable; urgency=low * New upstream version. * Update copyright file for 2006. -- Peter Palfrader Tue, 3 Jan 2006 13:59:34 +0100 tor (0.1.0.15-1) unstable; urgency=low * New upstream release. * Forward port 03_tor_manpage_in_section_8. -- Peter Palfrader Sat, 24 Sep 2005 15:15:34 +0200 tor (0.1.0.14-2) unstable; urgency=low * Ship debugging information in a separate package now, instead of simply not stripping tor. This is still useful while tor is young. Ideally it would go away some time. * Add LSB comments to init script as suggested by Petter Reinholdtsen on the debian-devel list: - http://lists.debian.org/debian-devel/2005/08/msg01172.html - http://wiki.debian.net/?LSBInitScripts * Work around broken chroots that do not resolve localhost or resolve it to the wrong IP. We now catch such cases in debian/rules, shout at the buildd maintainer, and ignore the result of our test suite. -- Peter Palfrader Wed, 21 Sep 2005 10:23:25 +0200 tor (0.1.0.14-1) unstable; urgency=high * New upstream version - changes, among others: - Fixes the other half of the bug with crypto handshakes (CVE-2005-2643). * Since gs-gpl on s390 is broken (#321435) and unable to build PDFs of our images for the design paper this version ships them in the source and uses them on s390, should building them from source really fail. * Increase standards-version from 3.6.1 to 3.6.2. No changes necessary. -- Peter Palfrader Mon, 8 Aug 2005 23:55:05 +0200 tor (0.1.0.13-1) unstable; urgency=high * New upstream version: - Explicitly set no-unaligned-access for sparc in configure.in. it turns out the new gcc's let you compile broken code, but that doesn't make it not-broken (closes: #320140). - Fix a critical bug in the security of our crypto handshakes. (Therefore set urgency to high). and more (see upstream changelog). * Slightly improve init script to give you proper error messages when you do not run it as root. -- Peter Palfrader Fri, 5 Aug 2005 01:27:49 +0200 tor (0.1.0.12-1) unstable; urgency=medium * New upstream version: - New IP for tor26 directory server, - fix a possible double-free in tor_gzip_uncompress, - and more (see upstream changelog). -- Peter Palfrader Tue, 19 Jul 2005 17:36:24 +0200 tor (0.1.0.11-1) unstable; urgency=high * New upstream version (closes: #316753): - Fixes a serious bug: servers now honor their exit policies - In 0.1.0.x only clients enforced them so far. 0.0.9.x is not affected. * Build depend on libevent-dev >= 1.1. * Urgency high because 0.0.9.10-1 did not make it into testing after like 3 weeks because of an impending ftp-master move. So I might just as well upload this one. -- Peter Palfrader Mon, 4 Jul 2005 17:53:48 +0200 tor (0.1.0.10-0.pre.1) UNRELEASED; urgency=low * New upstream version. * Add a watch file. * Forward port 03_tor_manpage_in_section_8. * Forward port 06_add_compile_time_defaults. * Add libevent-dev to build-depends. * Update URL to tor in debian/control and debian/copyright. * Add a snippet to disable epoll in etc/default/tor, commented out. * Add a snippet to set nice level in etc/default/tor. * Wait for 60 seconds in init stop. 35 is too little. * Don't depend on python anymore - tor-resolve is C now. * If "with-dmalloc" is in DEB_BUILD_OPTIONS we build against libdmalloc4. Of course the -dev package needs to be installed. * Update README.Debian to say that upstream now does have a default for DataDirectory. * Don't fail in the init script when we cannot raise the ulimit. Instead just warn a bit (closes: #312882). -- Peter Palfrader Wed, 15 Jun 2005 16:38:06 +0200 tor (0.0.9.10-1) unstable; urgency=high * While we're waiting for a newer libevent to enter sid, make another upload of the 0.0.9.x tree: - Refuse relay cells that claim to have a length larger than the maximum allowed. This prevents a potential attack that could read arbitrary memory (e.g. keys) from an exit server's process (CVE-2005-2050). -- Peter Palfrader Thu, 16 Jun 2005 22:56:11 +0200 tor (0.0.9.9-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Sat, 23 Apr 2005 23:58:47 +0200 tor (0.0.9.8-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Fri, 8 Apr 2005 09:11:34 +0200 tor (0.0.9.7-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Fri, 1 Apr 2005 09:52:12 +0200 tor (0.0.9.6-1) unstable; urgency=low * New upstream version. * Upstream used newer auto* tools, so hopefully the new config.sub and config.guess files (2003-08-18) are good enough to build tor on ppc64 (closes: #300376: FTBFS on ppc64). -- Peter Palfrader Fri, 25 Mar 2005 01:34:28 +0100 tor (0.0.9.5-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Thu, 24 Feb 2005 09:45:52 +0100 tor (0.0.9.4-1) unstable; urgency=low * New upstream version. * Set ulimit for file descriptors to 4096 in our init script. * Use SIGINT to shutdown tor. That way - if you are a server - tor will stop accepting new connections immediately, and give existing connections a grace period of 30 seconds in which they might complete their task. If you just run a client it should make no difference. -- Peter Palfrader Fri, 4 Feb 2005 00:20:25 +0100 tor (0.0.9.3-1) unstable; urgency=low * New upstream version. * Forward port 07_log_to_file_by_default. -- Peter Palfrader Sun, 23 Jan 2005 16:01:58 +0100 tor (0.0.9.2-1) unstable; urgency=low * New upstream version. * Update debian/copyright (it's 2005). * Add sharedscripts tor logrotate.d/tor. -- Peter Palfrader Tue, 4 Jan 2005 11:14:03 +0100 tor (0.0.9.1-1) unstable; urgency=low * New upstream version. -- Peter Palfrader Thu, 16 Dec 2004 00:16:47 +0100 tor (0.0.8+0.0.9rc7-1) unstable; urgency=medium * New upstream release (candidate). For real this time. Looks like our rc6 orig.tar.gz was in fact the rc5 one. * forward port patches/07_log_to_file_by_default -- Peter Palfrader Wed, 8 Dec 2004 15:22:44 +0100 tor (0.0.8+0.0.9rc6-1) unstable; urgency=medium * New upstream release (candidate). - cleans up more integer underflows that don't look exploitable. But one never knows (-> medium). * Remove those 'date' calls in debian/rules again that were added in rc5-1. -- Peter Palfrader Mon, 6 Dec 2004 11:11:23 +0100 tor (0.0.8+0.0.9rc5-1) unstable; urgency=medium * New upstream release (candidate). - medium because it fixes an integer overflow that might be exploitable, but doesn't seem to be currently. * Add a few 'date' calls in debian/rules, so I can see how long building the docs take on autobuilders. -- Peter Palfrader Wed, 1 Dec 2004 10:02:08 +0100 tor (0.0.8+0.0.9rc3-1) unstable; urgency=low * New upstream release (candidate). -- Peter Palfrader Thu, 25 Nov 2004 10:33:42 +0100 tor (0.0.8+0.0.9rc2-1) unstable; urgency=low * New upstream release (candidate). * Nick's patch is now part of upstream, remove it from the debian diff. -- Peter Palfrader Wed, 24 Nov 2004 09:03:13 +0100 tor (0.0.8+0.0.9rc1-1) unstable; urgency=low * New upstream release (candidate). * Apply nick's patch against config.c (1.267) to handle absense of units in BandwidthRate. -- Peter Palfrader Tue, 23 Nov 2004 11:57:49 +0100 tor (0.0.8+0.0.9pre6-1) unstable; urgency=low * New upstream (pre)release. * Install control-spec.txt into usr/share/doc/tor/. -- Peter Palfrader Tue, 16 Nov 2004 04:49:32 +0100 tor (0.0.8+0.0.9pre5-2) unstable; urgency=low * Symlink tor(8) manpage to torrc(5). * Make logs readable by the system administrators (group adm). * Point to /var/log/tor (the directory) instead of a single file (/var/log/tor/log) in the debian patch of the manpage. * Do not patch the default torrc to include settings we really want. Instead modify the compiled in default options. Those settings are - RunAsDaemon is enabled by default. - PidFile is set to /var/run/tor/tor.pid. No default upstream. - default logging goes to /var/log/tor/log instead of stdout. - DataDirectory is set to /var/lib/tor by default. No default upstream. This is also documented in the new debian/README.Debian. * Remove /usr/bin/tor-control.py from the binary package, it is not really useful yet, and wasn't meant to be installed by default. * Change init startup script to properly deal with tor printing stuff on startup. -- Peter Palfrader Fri, 12 Nov 2004 18:30:50 +0100 tor (0.0.8+0.0.9pre5-1) unstable; urgency=low * New upstream (pre)release. * 04_fix_test can be backed out again. * Make sure all patches apply cleanly. * No longer use --pidfile, --logfile, and --runasdaemon command line options. Set them in the configfile instead. * Change the description slightly, to say "don't rely on the current Tor network if you really need strong anonymity", instead of "Tor will not provide anonymity currently". -- Peter Palfrader Wed, 10 Nov 2004 04:43:10 +0100 tor (0.0.8+0.0.9pre4-1) unstable; urgency=low * New upstream (pre)release. * Apply patch from cvs to fix a segfault in src/or/test (test.c, 1.131). -- Peter Palfrader Sun, 17 Oct 2004 19:04:31 +0200 tor (0.0.8+0.0.9pre3-1) unstable; urgency=high * New upstream (pre)release. * Fixes at least one segfault that can be triggered remotely, a format string vulnerability which probably is not exploitable, and several assert bugs. -- Peter Palfrader Thu, 14 Oct 2004 13:36:45 +0200 tor (0.0.8+0.0.9pre2-1) unstable; urgency=low * New upstream (pre)release. -- Peter Palfrader Sun, 3 Oct 2004 01:29:13 +0200 tor (0.0.8+0.0.9pre1-1) unstable; urgency=low * New upstream (pre)release. * Built depend on zlib1g-dev. -- Peter Palfrader Fri, 1 Oct 2004 21:28:49 +0200 tor (0.0.8-1) unstable; urgency=low * New upstream release. -- Peter Palfrader Fri, 27 Aug 2004 14:08:10 +0200 tor (0.0.7.2+0.0.8rc1-1) unstable; urgency=low * New upstream release candidate. * Install design paper in usr/share/doc/tor, not usr/share/doc. Ooops. -- Peter Palfrader Wed, 18 Aug 2004 09:59:13 +0200 tor (0.0.7.2+0.0.8pre3-1) unstable; urgency=low * New upstream (pre)release. * Ship AUTHORS, doc/CLIENTS, doc/FAQ, doc/HACKING, doc/TODO, doc/tor-doc.{css,html}, doc/{rend,tor}-spec.txt with the binary package. * Build tor-design.{pdf,ps}, wich adds new build-dependencies: tetex-{bin,extra}, transfig, and gs. * Support DEB_BUILD_OPTIONS option 'nodoc' to skip building tor-design. With nodoc the build will not need tetex-{bin,extra}, transfig, and gs. * Support DEB_BUILD_OPTIONS option 'nocheck' to skip unittests ('notest' is an alias') * Enable coredumps by default, this is still development code. * Modify 02_add_debian_files_in_manpage to still apply. -- Peter Palfrader Sun, 8 Aug 2004 15:03:32 +0200 tor (0.0.7.2+0.0.8pre2-1) unstable; urgency=low * New upstream (pre)release. * Depend on python as we now have a python script: tor_resolve -- Peter Palfrader Wed, 4 Aug 2004 20:09:26 +0200 tor (0.0.7.2-1) unstable; urgency=medium * New upstream release. Fixes another instance of that remote crash bug. * Mention another reason why stop/reload may fail in the init script. -- Peter Palfrader Thu, 8 Jul 2004 03:21:32 +0200 tor (0.0.7.1-1) unstable; urgency=medium * New upstream release. Fixes a bug that allows a remote crash on exit nodes. * Logrotate var/log/tor/*log instead of just var/log/tor/log, in case the admin wants several logs. -- Peter Palfrader Mon, 5 Jul 2004 19:18:12 +0200 tor (0.0.7-1) unstable; urgency=low * New upstream version closes: #249893: FTBFS on ia64 -- Peter Palfrader Mon, 7 Jun 2004 21:46:08 +0200 tor (0.0.6.2-1) unstable; urgency=medium * New upstream release (breaks backwards compatibility yet again). * Recommend socat. * Since tor is in /usr/sbin, the manpage should be in section 8, not in section 1. Move it there, including updating the section in the manpage itself and the reference in torify(1). * Update debian/copyright file. -- Peter Palfrader Sun, 16 May 2004 10:47:20 +0200 tor (0.0.6.1-1) unstable; urgency=medium * New upstream release (breaks backwards compatibility). -- Peter Palfrader Fri, 7 May 2004 00:24:49 +0200 tor (0.0.6-1) unstable; urgency=low * New upstream release (breaks backwards compatibility). -- Peter Palfrader Sun, 2 May 2004 23:58:36 +0200 tor (0.0.5+0.0.6rc4-1) unstable; urgency=low * New upstream release candidate. -- Peter Palfrader Sun, 2 May 2004 14:36:59 +0200 tor (0.0.5+0.0.6rc3-1) unstable; urgency=low * New upstream release candidate. -- Peter Palfrader Thu, 29 Apr 2004 11:52:07 +0200 tor (0.0.5+0.0.6rc2-1) unstable; urgency=low * New upstream release candidate. * Mention upstream website and mailinglist archives in long description. -- Peter Palfrader Mon, 26 Apr 2004 12:23:20 +0200 tor (0.0.5-1) unstable; urgency=low * New upstream release. * Upstream installs a torrc.sample file now, rather than torrc. Keep using torrc as dpkg handles conffile upgrades. -- Peter Palfrader Tue, 30 Mar 2004 20:54:00 +0200 tor (0.0.4-1) unstable; urgency=low * New upstream release (how the version numbers fly by :). -- Peter Palfrader Fri, 26 Mar 2004 23:46:09 +0100 tor (0.0.3-1) unstable; urgency=low * New upstream release. * Also mention that tree.h is by Niels Provos in debian/copyright. -- Peter Palfrader Fri, 26 Mar 2004 20:36:08 +0100 tor (0.0.2-1) unstable; urgency=low * New upstream release. * Uses strlcpy and strlcat by Todd C. Miller, mention him in debian/copyright. -- Peter Palfrader Fri, 19 Mar 2004 12:37:17 +0100 tor (0.0.1+0.0.2pre27-1) unstable; urgency=low * New upstream release. -- Peter Palfrader Mon, 15 Mar 2004 05:19:16 +0100 tor (0.0.1+0.0.2pre26-1) unstable; urgency=low * New upstream release. * Mention log and pidfile location in tor.1. -- Peter Palfrader Mon, 15 Mar 2004 02:21:29 +0100 tor (0.0.1+0.0.2pre25-1) unstable; urgency=low * New upstream release. -- Peter Palfrader Thu, 4 Mar 2004 23:05:38 +0100 tor (0.0.1+0.0.2pre24-1) unstable; urgency=low * New upstream release. * Do not strip binaries for now. * Add "# ulimit -c unlimited" to tor.default * Always enable DataDirectory. * Actually use dpatch now (to modify upstream torrc.in) * Wait for tor to die in init stop. Let the user know if it doesn't. -- Peter Palfrader Wed, 3 Mar 2004 14:10:25 +0100 tor (0.0.1+0.0.2pre23-1) unstable; urgency=low * New upstream release. * The one test that always failed has been fixed: removed comment from rules file. -- Peter Palfrader Sun, 29 Feb 2004 12:36:33 +0100 tor (0.0.1+0.0.2pre22-1) unstable; urgency=low * New upstream release. * Upstream has moved tor back to usr/bin, but we will keep it in usr/sbin. That's the right place and it doesn't break my tab completion there. -- Peter Palfrader Fri, 27 Feb 2004 01:59:09 +0100 tor (0.0.1+0.0.2pre21-1) unstable; urgency=low * New upstream release. * 0.0.2pre20-2 removed the Recommends: on privoxy rather than tsocks (which is now required) by mistake. Fix that. * package description: Mention that the package starts the OP by default and that OR can be enabled in the config. * tor moved to sbin, updating init script. -- Peter Palfrader Wed, 18 Feb 2004 10:08:12 +0100 tor (0.0.1+0.0.2pre20-2) unstable; urgency=low * Add torify script, documentation, and config file. Means we also depend on tsocks now rather than just recommending it. Right now we install it in debian/rules, but upcoming versions might install it in upstream's make install target. * There's an upstream ChangeLog file now. Enjoy! * Add a README.privoxy file that explains how to setup privoxy to go over tor. * As is the case too often, the INSTALL file not only covers installation, but also basic usage and configuration. Therefore include it in the docs dir. * Add a lintian override for the INSTALL file. -- Peter Palfrader Tue, 17 Feb 2004 02:32:00 +0100 tor (0.0.1+0.0.2pre20-1) unstable; urgency=low * New upstream version. - various design paper updates - resolve cygwin warnings - split the token bucket into "rate" and "burst" params - try to resolve discrepency between bytes transmitted over TLS and actual bandwidth use - setuid to user _before_ complaining about running as root - fix several memleaks and double frees - minor logging fixes - add more debugging for logs. - various documentation fixes and improvements - for perforcmance testing, paths are always 3 hops, not "3 or more" (this will go away at a later date again) * Add dependency on adduser which was previously missing. * Change short description to a nicer one. -- Peter Palfrader Sat, 31 Jan 2004 10:10:45 +0100 tor (0.0.1+0.0.2pre19-1) unstable; urgency=low * Initial Release (closes: #216611). -- Peter Palfrader Sat, 10 Jan 2004 11:20:06 +0100