-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 12 Jan 2023 20:35:33 +0100
Source: tor
Architecture: source
Version: 0.4.5.16-1
Distribution: bullseye-security
Urgency: medium
Maintainer: Peter Palfrader <
weasel@debian.org>
Changed-By: Peter Palfrader <
weasel@debian.org>
Changes:
tor (0.4.5.16-1) bullseye-security; urgency=medium
.
* New upstream version: fixing TROVE-2022-002:
- The SafeSocks option had its logic inverted for SOCKS4 and
SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe
SOCKS4a one. This is TROVE-2022-002 which was reported on
Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha. Checksums-Sha1:
4940506a007b8ea1fd8f10d8900fabca31fa8f1a 1968 tor_0.4.5.16-1.dsc
9ba6125087748e144b5c21b83be0b800fade869f 8048887 tor_0.4.5.16.orig.tar.gz
df1048ff56a0248b278510b843b0159adedda5b4 59336 tor_0.4.5.16-1.diff.gz Checksums-Sha256:
49ce4e650c5d4bd76098eef7effa6126ab847ddad20ae63192f2e22394ab392f 1968 tor_0.4.5.16-1.dsc
f8d75532914b0806665557802474c916498e0a0e8b084af63d20342d4281e9f9 8048887 tor_0.4.5.16.orig.tar.gz
4023d2d0203c267257343195b2fb36c5f987510a4e9c3492a15dfdf4c08f441d 59336 tor_0.4.5.16-1.diff.gz
Files:
e15bb0659e630f160aa111a31bcaecee 1968 net optional tor_0.4.5.16-1.dsc
834032c70b2dcf5d9a3f3ab092b0e406 8048887 net optional tor_0.4.5.16.orig.tar.gz
a78d09fb39a2f5365845999185b62280 59336 net optional tor_0.4.5.16-1.diff.gz
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEZI5W7zrm8w5X0SHVIw/UyqaI+y8FAmPBbcQACgkQIw/UyqaI +y+Hfgf/eIuk6EXIjq6cW+p73773oLJSXumVCYUegCTN3H0BJ03T9UoPPTmO4WO+ hCPTpvYXqnG5uXyGhyhDe/fYONsKz1KEdHr8lsUJ4l5igsb6btiMSWkIaxE0YSXu +HUXKI4+EQe/PjzRCrNiTuJydWWQbrEdzJE/pTD+WtFE5w5y5TeEb95VnVW/E7Dc CEnBON+4r1t0mdGihlKMCumt2BVfsgw68p6nT7cNRE8GKmncDyNDMuWudDmvUWdY M2iHpWI/uS87LuX7ftz9UapYNXF2PvNrwMQgJKkt9gRSVJ23lft0BDi2YyNdsqCg MNkJaqFsZPuH8Dy0RsHD98A9kDBBtw==
=Mvgj
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)