r19723@catbus: nickm | 2008-05-13 08:41:40 -0400
Bump version and update authority keys affected by Debian OpenSSL bug (See CVE-2008-0166 or http://lists.debian.org/debian-security-announce/2008/msg00152.html ) svn:r14600
This commit is contained in:
parent
0fa5a9de05
commit
9b87cfbdf8
15
ChangeLog
15
ChangeLog
|
@ -1,7 +1,18 @@
|
|||
Changes in version 0.2.0.26-rc - 2008-05-??
|
||||
Changes in version 0.2.0.26-rc - 2008-05-13
|
||||
Tor 0.2.0.26-rc fixes a major security vulnerability caused by a bug
|
||||
in Debian's OpenSSL packages. All users running any 0.2.0.x version
|
||||
should upgrade, whether they're running Debian or not.
|
||||
|
||||
o Major security fixes:
|
||||
- Use new V3 directory authority keys on the Tor26, Gabelmoo, and
|
||||
Moria1 V3 directory authorities. The old keys were generated with
|
||||
a vulnerable version of Debian's OpenSSL package, and must be
|
||||
considered compromised. Other authorities' keys were not
|
||||
generated with an affected version of OpenSSL.
|
||||
|
||||
o Major bugfixes:
|
||||
- List authority signatures as "unrecognized" based on DirServer lines,
|
||||
not on cert cache.
|
||||
not on cert cache. Bugfix on 0.2.0.x.
|
||||
|
||||
o Minor features:
|
||||
- Add a new V3AuthUseLegacyKey option to make it easier for authorities
|
||||
|
|
|
@ -5,7 +5,7 @@ dnl Copyright (c) 2007-2008, The Tor Project, Inc.
|
|||
dnl See LICENSE for licensing information
|
||||
|
||||
AC_INIT
|
||||
AM_INIT_AUTOMAKE(tor, 0.2.0.25-rc-dev)
|
||||
AM_INIT_AUTOMAKE(tor, 0.2.0.26-rc)
|
||||
AM_CONFIG_HEADER(orconfig.h)
|
||||
|
||||
AC_CANONICAL_HOST
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
!include "FileFunc.nsh"
|
||||
!insertmacro GetParameters
|
||||
|
||||
!define VERSION "0.2.0.25-rc-dev"
|
||||
!define VERSION "0.2.0.26-rc"
|
||||
!define INSTALLER "tor-${VERSION}-win32.exe"
|
||||
!define WEBSITE "https://www.torproject.org/"
|
||||
!define LICENSE "LICENSE"
|
||||
|
|
|
@ -823,11 +823,11 @@ add_default_trusted_dir_authorities(authority_type_t type)
|
|||
{
|
||||
int i;
|
||||
const char *dirservers[] = {
|
||||
"moria1 v1 orport=9001 v3ident=5420FD8EA46BD4290F1D07A1883C9D85ECC486C4 "
|
||||
"moria1 v1 orport=9001 v3ident=E2A2AF570166665D738736D0DD58169CC61D8A8B "
|
||||
"128.31.0.34:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441",
|
||||
"moria2 v1 orport=9002 128.31.0.34:9032 "
|
||||
"719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF",
|
||||
"tor26 v1 orport=443 v3ident=A9AC67E64B200BBF2FA26DF194AC0469E2A948C6 "
|
||||
"tor26 v1 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 "
|
||||
"86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D",
|
||||
"lefkada orport=443 "
|
||||
"140.247.60.64:80 38D4 F5FC F7B1 0232 28B8 95EA 56ED E7D5 CCDC AF32",
|
||||
|
@ -838,7 +838,7 @@ add_default_trusted_dir_authorities(authority_type_t type)
|
|||
"ides orport=9090 no-v2 v3ident=27B6B5996C426270A5C95488AA5BCEB6BCC86956 "
|
||||
"216.224.124.114:9030 F397 038A DC51 3361 35E7 B80B D99C A384 4360 292B",
|
||||
"gabelmoo orport=443 no-v2 "
|
||||
"v3ident=EAA879B5C75032E462CB018630D2D0DF46EBA606 "
|
||||
"v3ident=81349FC1F2DBA2C2C11B45CB9706637D480AB913 "
|
||||
"88.198.7.215:80 6833 3D07 61BC F397 A587 A0C0 B963 E4A9 E99E C4D3",
|
||||
"dannenberg orport=443 no-v2 "
|
||||
"v3ident=585769C78764D58426B8B52B6651A5A71137189A "
|
||||
|
|
|
@ -227,6 +227,6 @@
|
|||
#define USING_TWOS_COMPLEMENT
|
||||
|
||||
/* Version number of package */
|
||||
#define VERSION "0.2.0.25-rc-dev"
|
||||
#define VERSION "0.2.0.26-rc"
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue