[ubuntu/natty] tor 0.2.1.26-6 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Fri Dec 24 16:20:37 GMT 2010
tor (0.2.1.26-6) unstable; urgency=high
* Fix a remotely exploitable bug that could be used to crash instances
of Tor remotely by overflowing on the heap. Remote-code execution
hasn't been confirmed, but can't be ruled out (CVE-2010-1676).
* Housekeeping: Update IP address and port of directory authority gabelmoo
with data shipped in 0.2.1.28.
tor (0.2.1.26-5) unstable; urgency=low
* Since the dawn of time (0.0.2pre19-1, January 2004, initial release
of the debian package), the postinst script has changed ownership and
permissions of various trees like /var/lib/tor, /var/run/tor, and
/var/log/tor, sometimes recursively.
.
It turns out this actually is a security issue, so try to be more
conservative when fixing up modes and only chown/chgrp
/var/{lib,log,run}/tor directly, never recursively.
* Remove /var/run/tor, recursively, on purge. We already do this
for /var/lib/tor and /var/log/tor.
tor (0.2.1.26-4) unstable; urgency=high
* Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8
(0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198):
.
Do not set the tlsext_host_name extension on server SSL objects; only on
client SSL objects. We set it to immitate a browser, not a vhosting
server. This resolves an incompatibility with openssl 0.9.8p and openssl
1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha.
* Also from 0.2.1.27: Add maatuska as eighth v3 directory authority.
The directory authority servers are the trusted nodes that sign the
directory of all Tor servers. This adds an 8th authority to the
existing list, improving robustness.
* Change section from comm to net. This change was done in the
0.2.2.x tree in experimental during 0.2.2.9 (April 2010) in response
to bug #482801.
* If we have a debian/micro-revision.i, replace the one in src/or
with our copy so that this will be the revision that ends up in
the binary. This is an informational only version string, but
it'd be kinda nice if it was (more) accurate nonetheless.
(Backported from 0.2.2.2-alpha-1 from September 2009.)
tor (0.2.1.26-3) unstable; urgency=low
* Make sure the cronjob does not try to access a /var/lib/tor
that has already been removed (due to for instance package removal).
Thanks to Holger and piuparts for catching this.
tor (0.2.1.26-2) unstable; urgency=medium
* No longer set ulimit -c to unlimited:
Up until now the init script (or actually /etc/default/tor) raised
the ulimit for coredumps to unlimited, so that Tor would produce
coredumps on assert errors or segfaults. Coredumps however can
leak sensitive information, like cryptographic session keys and
clients' data should the core files get into the wrong hands. As
such it seems prudent to only enable coredumps if the user or
operator explicitly asks for them, and knows what to do with them.
* Also include a cron.weekly job that removes old coredumps from
/var/lib/tor. This action can be disabled in /etc/default/tor.
tor (0.2.1.26-1) unstable; urgency=low
* New upstream version.
* Remove debian/patches/15_testuite-thread-fixes (merged upstream).
* tor.postinst: Stop calling stat(1) with its full path.
* Add ${misc:Depends} for all three binary packages because debhelper
might want to add stuff.
tor (0.2.1.25-3) unstable; urgency=low
* Minor bugfixes to make the testsuite work on our new Octeon machines:
(taken from upstream's maint-0.2.1 branch)
- Testsuite: In the util/threads test no longer free the test_mutex
before all worker threads have finished.
- Testsuite: The master thread could starve the worker threads quite
badly on certain systems, causing them to run only partially in
the allowed window. This resulted in test failures. Now the master
thread sleeps occasionally for a few microseconds while the two
worker-threads compete for the mutex.
(both in debian/patches/15_testuite-thread-fixes)
tor (0.2.1.25-2) unstable; urgency=low
* In /etc/default/tor also source /etc/default/tor.vidalia if it exists
and if vidalia is installed. We do this so that the vidalia package
can override some of our settings: People who have vidalia installed might
not want to run Tor as a system service. The vidalia .deb can ask them
that and then set run-daemon to no.
tor (0.2.1.25-1) unstable; urgency=low
* New upstream version.
- Obsoletes patches/15_enable_renegotiation_on_098k.
* Change order of recommends from privoxy | polipo to polipo | privoxy.
[change done in experimental (0.2.2.x) long ago).
tor (0.2.1.23-2) unstable; urgency=low
* Enable ssl renegotiation also on 0.9.8k (closes: #570197).
tor (0.2.1.23-1) unstable; urgency=low
* New upstream version.
- We no longer need to build-depend on a recent libssl-dev because
Tor now detects whether we need to explicitly turn on
autonegotiation at run-time rather than compile time. Good.
(This also means we no longer need to conflict with newer
libssls when we built against an old one on backports.)
tor (0.2.1.22-1) unstable; urgency=medium
* New upstream version.
- Rotate keys (both v3 identity and relay identity) for moria1
and gabelmoo.
[and more]
tor (0.2.1.21-1) unstable; urgency=low
* New upstream version.
* Drop patches/ce0a89e2-work-with-reneg-ssl.dpatch (already in
upstream).
tor (0.2.1.20-2) unstable; urgency=low
* Pick ce0a89e2624471272ffc4950c5069d9b81a7f0b9 from maint-0.2.1 git tree:
- work with libssl that has renegotiation disabled by default.
(debian/patches/ce0a89e2-work-with-reneg-ssl.dpatch)
* Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against
earlier versions we will not work once libssl gets upgraded to a version
that disabled renegotiations.
tor (0.2.1.20-1) unstable; urgency=low
* New upstream version.
tor (0.2.1.19-1) unstable; urgency=low
* New upstream version.
- Make accessing hidden services on 0.2.1.x work right (closes: #538960).
[More items are in the upstream changelog.]
tor (0.2.1.18-1) unstable; urgency=low
* New upstream version.
tor (0.2.1.17-rc-1) experimental; urgency=low
* New upstream version.
* Update upstream URL in debian/copyright.
tor (0.2.1.16-rc-1) experimental; urgency=low
* New upstream version.
* No longer inform the user if/when we re-create the /var/run/tor
directory in the init script. With /var/run on tmpfs this is
completely normal now so our message was just noise.
* Stop shipping /var/run/tor in the package.
* Only clean up permissions of /var/run/tor in postinst if the
directory actually exists.
* Update Standards-Version from 3.8.0 to 3.8.1. No real changes
required, we already support nocheck in DEB_BUILD_OPTIONS since
August 2004, and we already create our var/run directory in the
init script (tho we now no longer ship it either - see above).
* Change debhelper compatibility version from 4 to 5:
- Change dh_strip call from --dbg-package=tor
to --dbg-package=tor-dbg.
- Update versioned build time dependency on debhelper.
* Forward port 06_add_compile_time_defaults.
tor (0.2.1.15-rc-1) experimental; urgency=low
* New upstream version.
* Change build time dependency on gs to ghostscript.
tor (0.2.1.14-rc-1) experimental; urgency=low
* New upstream version.
* Change Section of tor-dbg to debug.
tor (0.2.1.13-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.1.12-alpha-1) experimental; urgency=low
* New upstream version, fixing several security relevant bugs:
- Avoid a potential crash on exit nodes when processing malformed
input. Remote DoS opportunity (closes: #514579).
- Fix a temporary DoS vulnerability that could be performed by
a directory mirror (closes: #514580).
* patches/06_add_compile_time_defaults: Only set the User option in
the config if we run as root. Do not set it when run as debian-tor
as Tor then always insists on changing users which will fail. (If
we run as any other user we don't set our debian defaults anyway.)
tor (0.2.1.11-alpha-1) experimental; urgency=high
* New upstream version:
- Fixes a possible remote heap buffer overflow bug.
- torify(1) manpage mentions DNS leaks now (closes: #495829).
* README.Debian: No longer claim we change the default 'Group' setting
when run as debian-user. That setting no longer exists.
* Forward port 03_tor_manpage_in_section_8.dpatch.
tor (0.2.1.10-alpha-1) experimental; urgency=low
* New alpha release.
* Forward port 03_tor_manpage_in_section_8.dpatch.
tor (0.2.1.9-alpha-1) experimental; urgency=low
* New alpha release.
tor (0.2.1.8-alpha-1) experimental; urgency=low
* New alpha release.
tor (0.2.1.7-alpha-2) experimental; urgency=low
* No longer set now obsolete Group setting in built-in debian config.
tor (0.2.1.7-alpha-1) experimental; urgency=low
* New alpha release.
tor (0.2.1.6-alpha-1) experimental; urgency=low
* New alpha release.
* Forward port 14_fix_geoip_warning.dpatch.
tor (0.2.1.5-alpha-1) experimental; urgency=low
* New alpha release.
tor (0.2.1.4-alpha-1) experimental; urgency=low
* New alpha release.
* Do not build with openbsd's malloc unless enable-openbsd-malloc is in
DEB_BUILD_OPTIONS.
tor (0.2.1.2-alpha-1) experimental; urgency=low
* New alpha release.
tor (0.2.0.30-1) unstable; urgency=low
* New upstream version.
tor (0.2.0.29-rc-2) unstable; urgency=low
* Upload to unstable.
tor (0.2.0.29-rc-1) experimental; urgency=low
* New upstream version.
* Warn the admin if the number of file descriptors on his system is
tiny.
tor (0.2.0.28-rc-1) experimental; urgency=low
* New upstream version.
* Remove debian/patches/11_tor_as_root_more_helpful.dpatch as
it is no longer needed: We now setuid() to the Tor user
when run as root and it all just works.
* Add comments to the dpatch headers so lintian shuts up.
* Add patches/14_fix_geoip_warning: Change geoipdb open failed message.
* Require unit tests to pass again.
tor (0.2.0.27-rc-1) experimental; urgency=low
* New upstream version.
* Add tor-geoipdb arch: all package for the geoip database.
* Update debian/rules so that there now is a binary-common target
and the binary-indep and binary-arch targets call make with
proper DH_OPTIONS options. This is taken from the template
that dh_make nowadays uses for multi-binary packages.
* Unit tests are broken, yay.
* Use ${binary:Version} to depend on the right tor binary package from
the tor-dbg package instead of ${Source-Version}. Some guy on the
internet said the latter was deprecated.
* Add Homepage: https://www.torproject.org/ field to control file.
* And mention www.tp.o instead of the old tor.eff.org in the long
description.
* No longer ignore failure of make clean in the clean target.
* Support passing of parallel=<n> in build options.
* Change declared Standards-Version to 3.8.0.
tor (0.2.0.26-rc-1) experimental; urgency=critical
* New upstream version.
* Conflict with old libssls.
* On upgrading from versions prior to, including, 0.1.2.19-2, or
from versions later than 0.2.0 and prior to 0.2.0.26-rc do the
following, and if we are a server (we have a /var/lib/tor/keys
directory)
- move /var/lib/tor/keys/secret_onion_key out of the way.
- move /var/lib/tor/keys/secret_onion_key.old out of the way.
- move /var/lib/tor/keys/secret_id_key out of the way if it was
created on or after 2006-09-17, which is the day the bad
libssl was uploaded to Debian unstable.
* Add a NEWS file explaining this change.
tor (0.2.0.24-rc-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.23-rc-1) experimental; urgency=low
* New upstream version.
* Mention OpenBSD_malloc_Linux.c in debian/copyright.
* Add a recommends on logrotate.
tor (0.2.0.22-rc-1) experimental; urgency=low
* New upstream version.
* Work around fig2dev failing to build the images on all archs
(re #457568).
* Build with --enable-openbsd-malloc, unless no-enable-openbsd-malloc is
found in DEB_BUILD_OPTIONS. Hopefully this deals with some of the
horrible memory fragmentation that glibc's malloc causes.
tor (0.2.0.21-rc-1) experimental; urgency=low
* New upstream version.
* Run --verify-config before start/reload/restart as root. No longer
su - to debian-tor tor run it. Given that we now even start Tor as
root (it setuids later on) this should be fine (closes: #468566).
tor (0.2.0.20-rc-1) experimental; urgency=low
* New upstream version.
* Change the default for MAX_FILEDESCRIPTORS in our init script to depend
on the number of system-wide available file descriptors:
/proc/sys/fs/file-max is bigger than 80k, set ulimit -n to 32k, if it's
greater than 40k set the limit to 16k, and when greater than 10k our limit
shall be 8k descriptors. If there are less than 20k FDs in the entire
system default to a limit of only 1024.
Big servers at the moment regularly use more than 10k FDs, so our old
default of 8k no longer is sufficient. On the other hand we don't want
lower end systems to run out of FDs on Tor's account.
* If we run as root also apply debian defaults.
* Add User=debian-tor and Group=debian-tor to debian defaults. That allows
us to start Tor as root and have it setuid/setgid to the target user.
* Change the init script to start Tor as root. Now we should be able to
bind to low port.
tor (0.2.0.19-alpha-1) experimental; urgency=low
* New upstream version.
* It's 2008. Now is the time to add copyright statements for 2007.
* Forward port 03_tor_manpage_in_section_8.dpatch.
tor (0.2.0.18-alpha-2) experimental; urgency=low
* Work around fig2dev failing to build the images on mipsel like we do on
sparc and s390 (re #457568)
* Fix postinst find command that chowns stuff to the right user. Find
does weird things in the presence of !.
tor (0.2.0.18-alpha-1) experimental; urgency=low
* New upstream version.
* postinst: Remove the check that requires the debian-tor user
to have a uid between 100 and 999. There is no good reason
to require this. If the local admin moves the system users/uid-space
to some other range then they probably have a good reason for that.
* postinst: change wording if debian-tor's homedir is wrong, do not
print anything if it is ok.
* postinst: We were only fixing the permissions of /var/{lib,run,log}/tor
when we were not upgrading. Unfortunately the check doesn't work all
that well usually in cases where the package was removed (not purged)
and then later re-installed again. Now we ensure proper ownership
and modes for all the directories and files below /var/{lib,run,log}/tor
(the dirs themselves included) every time we run postinst.
* postinst: if we reboot between unpacking and configuring on some smart
systems this will mean that we just lost /var/run/tor - creating it
in the maintainer script if it doesn't exist.
* Create logfiles in logrotate so that they come into the world with the
correct mode (o-r).
tor (0.2.0.17-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.15-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.14-alpha-1) experimental; urgency=low
* New upstream version.
* Remove 13_r12907-fix-unit-tests.dpatch (Fix unit tests from HEAD) again -
it's included upstream.
* Work around fig2dev failing to build the images on sparc like we do on
s390.
tor (0.2.0.13-alpha-1) experimental; urgency=low
* New upstream version.
* Fix unit tests from HEAD (13_r12907-fix-unit-tests.dpatch).
tor (0.2.0.12-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.11-alpha-1) experimental; urgency=low
* New upstream version.
* remove 12_r12235_do_not_crash_when_myfamily_is_set again, it's
now part of upstream.
tor (0.2.0.9-alpha-2) experimental; urgency=low
* Do not separate required lsb facilities with commas in the
init script (closes: #448001).
* Add 12_r12235_do_not_crash_when_myfamily_is_set.dpatch,
from trunk/head.
tor (0.2.0.9-alpha-1) experimental; urgency=low
* New upstream version.
* Only create pid dir if we are about to start Tor (Luca Capello,
closes: #447508).
tor (0.2.0.8-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.7-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.6-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.5-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.4-alpha-1) experimental; urgency=high
* New upstream version.
tor (0.2.0.3-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.2-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.2.0.1-alpha-1) experimental; urgency=low
* New upstream version.
* Forward port 06_add_compile_time_defaults.
* teTeX is no more, long live TeX Live:
- remove build depends on tetex-bin, tetex-extra,
- add build depends on texlive-base-bin for dvips and bibtex,
texlive-latex-base for latex, and texlive-fonts-recommended for fonts
like ptmr7t.
tor (0.1.2.19-1) unstable; urgency=low
* New upstream version.
tor (0.1.2.18-1) unstable; urgency=low
* New upstream version.
tor (0.1.2.17-1) unstable; urgency=low
* New upstream version.
tor (0.1.2.16-1) unstable; urgency=high
* New upstream version.
tor (0.1.2.15-1) unstable; urgency=low
* New upstream version.
* Change build-depends from tetex to texlive suite.
tor (0.1.2.14-1) unstable; urgency=low
* New upstream version.
tor (0.1.2.13-3) unstable; urgency=low
* Always give a shell (/bin/sh) when we use su(1) in our init script
(closes: #421465).
tor (0.1.2.13-2) unstable; urgency=low
* In options_init_from_torrc()'s error path only config_free() options
if they already have been initialized (closes: #421235).
tor (0.1.2.13-1) unstable; urgency=low
* New upstream version.
tor (0.1.2.12-rc-1) experimental; urgency=low
* New upstream version.
tor (0.1.2.10-rc-1) experimental; urgency=low
* New upstream version.
* Change recommends on privoxy to privoxy | polipo (>= 1) (closes: #413728).
tor (0.1.2.8-beta-1) experimental; urgency=low
* New upstream version.
tor (0.1.2.7-alpha-1) experimental; urgency=low
* New upstream version.
* Install all the spec files into usr/share/doc/tor/spec now.
They moved to doc/spec/* from just doc/* in the source too.
tor (0.1.2.6-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.1.2.5-alpha-1) experimental; urgency=low
* New upstream version.
* Disable 02_add_debian_files_in_manpage.dpatch for now.
tor (0.1.2.4-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.1.2.3-alpha-1) experimental; urgency=low
* New upstream version.
tor (0.1.2.2-alpha-1) experimental; urgency=low
[ Peter Palfrader ]
* New upstream version.
[ Roger Dingledine ]
* Minor update of debian/copyright.
tor (0.1.2.1-alpha-1) experimental; urgency=low
* Forward port 07_log_to_file_by_default.dpatch.
* Previously our defaults for DataDirectory, PidFile, RunAsDaemon, and
Log differed from upstreams. Now Tor behaves just like before (with
our own DataDirectory and all) only when run as the debian-tor user.
If invoked as any other user, Tor will behave just like the pristine
upstream version.
* Tell users about the init script when they try to run Tor as root.
Should we also do this when they try to run their Tor as any other
(non root, non debian-tor) user? - add 11_tor_as_root_more_helpful
* Use tor --verify-config before start and reload. Abort init script
with exit 1 if config does not verify.
* Change Standards-Version to 3.7.2. No changes required.
tor (0.1.1.26-1) unstable; urgency=high
* New upstream version (Stop sending the HttpProxyAuthenticator string to
directory servers when directory connections are tunnelled through Tor).
tor (0.1.1.25-1) unstable; urgency=low
* New upstream version.
tor (0.1.1.24-1) unstable; urgency=low
* New upstream version.
* Update debian/copyright:
- tree.h has vanished somewhere along the current branch
- ht.h is new and credits Christopher Clark
- We didn't mention Matej Pfajfar's copyright before.
* Forward port 07_log_to_file_by_default.
tor (0.1.1.23-1) unstable; urgency=medium
* New upstream version.
tor (0.1.1.22-1) unstable; urgency=low
* New upstream version.
tor (0.1.1.21-1) unstable; urgency=low
* New upstream version.
tor (0.1.1.20-1) unstable; urgency=low
* New upstream stable release: The 0.1.1.x tree is now the new stable
tree. Upload to unstable rather than experimental.
tor (0.1.1.19-rc-1) experimental; urgency=low
* New upstream version.
* Remove support for my nodoc DEB_BUILD_OPTIONS variable. It clutters
stuff and I haven't used it in ages.
* Update debian/tor.docs file.
tor (0.1.1.18-rc-1) experimental; urgency=low
* New upstream version.
* update debian/tor.doc:
- no longer ship INSTALL and README files, they are useless now.
- doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html,
doc/tor-hidden-service.html, doc/tor-switchproxy.html got replaced
by doc/website/stylesheet.css and doc/website/tor-* which is more
or less the same, only taken from the website. Some links are
probably broken still, but this should get fixed eventually.
tor (0.1.1.17-rc-1) experimental; urgency=low
* New upstream version.
* Forward port patches/07_log_to_file_by_default.
tor (0.1.1.16-rc-1) experimental; urgency=low
* New upstream version.
tor (0.1.1.15-rc-1) experimental; urgency=low
* New upstream version.
* Apparently passing --host to configure when not cross-compiling
is evil now and greatly confuses configure. So don't do it unless it
actually differs from --build host.
tor (0.1.1.14-alpha-1) experimental; urgency=low
* New upstream version.
* Include 0.1.0.17 changelog in experimental tree.
* doc/FAQ is no longer shipped, so remove it from debian/tor.docs.
tor (0.1.1.13-alpha-1) experimental; urgency=low
* New upstream version.
* Forward port patches/02_add_debian_files_in_manpage.
* Forward port patches/03_tor_manpage_in_section_8.
* Create /var/run/tor on init script start if it does
not exist already.
* Set default ulimit -n to 8k instead of 4k in /etc/default/tor.
* Print that we're raising the ulimit to stdout in the init script.
* Add CVE numbers to past issues in the changelog where applicable.
tor (0.1.1.12-alpha-1) experimental; urgency=low
* New upstream version, that was a quick one. :)
* Forward port patches/02_add_debian_files_in_manpage.
tor (0.1.1.11-alpha-1) experimental; urgency=low
* New upstream version.
- Implement "entry guards": automatically choose a handful of entry
nodes and stick with them for all circuits. This will increase
security dramatically against certain end-point attacks
(closes: #349283, CVE-2006-0414).
* Forward port patches/07_log_to_file_by_default.
* Forward port 0.1.0.16 changelog and change to copyright file.
tor (0.1.1.10-alpha-1) experimental; urgency=low
* New upstream version.
* doc/tor-doc.css and doc/tor-doc.html are no longer in the upstream
tarball, remove them from debian/tor.docs.
* add the following new files to tor.docs: doc/socks-extensions.txt,
doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html
tor (0.1.1.9-alpha-1) experimental; urgency=low
* New upstream version.
* Remove 08_add_newlines_between_serverdescriptors.dpatch.
* Update 06_add_compile_time_defaults.dpatch
* Use bin/bash for the init script instead of bin/sh. We are using
ulimit -n which is not POSIX (closes: #338797).
* Remove the EVENT_NOEPOLL block from etc/default/tor.
* Add an ARGS block to etc/default/tor as suggested in #338425.
tor (0.1.1.8-alpha-1) experimental; urgency=low
* New upstream version.
* Add patch from CVS to
"Insert a newline between all router descriptors when generating (old
style) signed directories, in case somebody was counting on that".
r1.247 of dirserv.c, <20051008060243.85F41140808C at moria.seul.org>
tor (0.1.1.7-alpha-1) experimental; urgency=low
* New upstream version.
* More merging from 0.1.0.14+XXXX:
- The tor-dbg package does not really need its own copy of copyright
and changelog in usr/share/doc/tor-dbg.
* Forward port 03_tor_manpage_in_section_8.dpatch
tor (0.1.1.6-alpha-2) experimental; urgency=low
* Merge 0.1.0.14+XXXX changes.
tor (0.1.1.6-alpha-1) experimental; urgency=low
* Experimental upstream version.
tor (0.1.1.5-alpha-cvs-1) UNRELEASED; urgency=low
* Even more experimental cvs snapshot.
* Testsuite is mandatory again.
* Forward port 03_tor_manpage_in_section_8.dpatch
* Forward port 06_add_compile_time_defaults.dpatch
tor (0.1.1.5-alpha-1) UNRELEASED; urgency=low
* Experimental upstream version.
* Allow test suite to fail, it's broken in this version.
* Update list of files from doc/ that should be installed.
* Forward port debian/ patches.
tor (0.1.0.17-1) unstable; urgency=low
* New upstream version.
tor (0.1.0.16-1) unstable; urgency=low
* New upstream version.
* Update copyright file for 2006.
tor (0.1.0.15-1) unstable; urgency=low
* New upstream release.
* Forward port 03_tor_manpage_in_section_8.
tor (0.1.0.14-2) unstable; urgency=low
* Ship debugging information in a separate package now, instead
of simply not stripping tor. This is still useful while tor is
young. Ideally it would go away some time.
* Add LSB comments to init script as suggested by Petter Reinholdtsen
on the debian-devel list:
- http://lists.debian.org/debian-devel/2005/08/msg01172.html
- http://wiki.debian.net/?LSBInitScripts
* Work around broken chroots that do not resolve localhost or resolve
it to the wrong IP. We now catch such cases in debian/rules, shout
at the buildd maintainer, and ignore the result of our test suite.
tor (0.1.0.14-1) unstable; urgency=high
* New upstream version - changes, among others:
- Fixes the other half of the bug with crypto handshakes (CVE-2005-2643).
* Since gs-gpl on s390 is broken (#321435) and unable to
build PDFs of our images for the design paper this version
ships them in the source and uses them on s390, should building
them from source really fail.
* Increase standards-version from 3.6.1 to 3.6.2. No changes
necessary.
tor (0.1.0.13-1) unstable; urgency=high
* New upstream version:
- Explicitly set no-unaligned-access for sparc in configure.in.
it turns out the new gcc's let you compile broken code, but
that doesn't make it not-broken (closes: #320140).
- Fix a critical bug in the security of our crypto handshakes.
(Therefore set urgency to high).
and more (see upstream changelog).
* Slightly improve init script to give you proper error messages when
you do not run it as root.
tor (0.1.0.12-1) unstable; urgency=medium
* New upstream version:
- New IP for tor26 directory server,
- fix a possible double-free in tor_gzip_uncompress,
- and more (see upstream changelog).
tor (0.1.0.11-1) unstable; urgency=high
* New upstream version (closes: #316753):
- Fixes a serious bug: servers now honor their exit policies -
In 0.1.0.x only clients enforced them so far. 0.0.9.x is
not affected.
* Build depend on libevent-dev >= 1.1.
* Urgency high because 0.0.9.10-1 did not make it into testing after
like 3 weeks because of an impending ftp-master move. So I might
just as well upload this one.
tor (0.1.0.10-0.pre.1) UNRELEASED; urgency=low
* New upstream version.
* Add a watch file.
* Forward port 03_tor_manpage_in_section_8.
* Forward port 06_add_compile_time_defaults.
* Add libevent-dev to build-depends.
* Update URL to tor in debian/control and debian/copyright.
* Add a snippet to disable epoll in etc/default/tor, commented out.
* Add a snippet to set nice level in etc/default/tor.
* Wait for 60 seconds in init stop. 35 is too little.
* Don't depend on python anymore - tor-resolve is C now.
* If "with-dmalloc" is in DEB_BUILD_OPTIONS we build against libdmalloc4.
Of course the -dev package needs to be installed.
* Update README.Debian to say that upstream now does have a default
for DataDirectory.
* Don't fail in the init script when we cannot raise the ulimit.
Instead just warn a bit (closes: #312882).
tor (0.0.9.10-1) unstable; urgency=high
* While we're waiting for a newer libevent to enter sid, make another
upload of the 0.0.9.x tree:
- Refuse relay cells that claim to have a length larger than the
maximum allowed. This prevents a potential attack that could read
arbitrary memory (e.g. keys) from an exit server's process
(CVE-2005-2050).
tor (0.0.9.9-1) unstable; urgency=low
* New upstream version.
tor (0.0.9.8-1) unstable; urgency=low
* New upstream version.
tor (0.0.9.7-1) unstable; urgency=low
* New upstream version.
tor (0.0.9.6-1) unstable; urgency=low
* New upstream version.
* Upstream used newer auto* tools, so hopefully the new config.sub
and config.guess files (2003-08-18) are good enough to build
tor on ppc64 (closes: #300376: FTBFS on ppc64).
tor (0.0.9.5-1) unstable; urgency=low
* New upstream version.
tor (0.0.9.4-1) unstable; urgency=low
* New upstream version.
* Set ulimit for file descriptors to 4096 in our init
script.
* Use SIGINT to shutdown tor. That way - if you are a server -
tor will stop accepting new connections immediately, and
give existing connections a grace period of 30 seconds in
which they might complete their task. If you just run a
client it should make no difference.
tor (0.0.9.3-1) unstable; urgency=low
* New upstream version.
* Forward port 07_log_to_file_by_default.
tor (0.0.9.2-1) unstable; urgency=low
* New upstream version.
* Update debian/copyright (it's 2005).
* Add sharedscripts tor logrotate.d/tor.
tor (0.0.9.1-1) unstable; urgency=low
* New upstream version.
tor (0.0.8+0.0.9rc7-1) unstable; urgency=medium
* New upstream release (candidate).
For real this time. Looks like our rc6 orig.tar.gz
was in fact the rc5 one.
* forward port patches/07_log_to_file_by_default
tor (0.0.8+0.0.9rc6-1) unstable; urgency=medium
* New upstream release (candidate).
- cleans up more integer underflows that don't look exploitable.
But one never knows (-> medium).
* Remove those 'date' calls in debian/rules again that were
added in rc5-1.
tor (0.0.8+0.0.9rc5-1) unstable; urgency=medium
* New upstream release (candidate).
- medium because it fixes an integer overflow that might
be exploitable, but doesn't seem to be currently.
* Add a few 'date' calls in debian/rules, so I can see how long
building the docs take on autobuilders.
tor (0.0.8+0.0.9rc3-1) unstable; urgency=low
* New upstream release (candidate).
tor (0.0.8+0.0.9rc2-1) unstable; urgency=low
* New upstream release (candidate).
* Nick's patch is now part of upstream, remove it from
the debian diff.
tor (0.0.8+0.0.9rc1-1) unstable; urgency=low
* New upstream release (candidate).
* Apply nick's patch against config.c (1.267) to handle
absense of units in BandwidthRate.
tor (0.0.8+0.0.9pre6-1) unstable; urgency=low
* New upstream (pre)release.
* Install control-spec.txt into usr/share/doc/tor/.
tor (0.0.8+0.0.9pre5-2) unstable; urgency=low
* Symlink tor(8) manpage to torrc(5).
* Make logs readable by the system administrators (group adm).
* Point to /var/log/tor (the directory) instead of a single
file (/var/log/tor/log) in the debian patch of the manpage.
* Do not patch the default torrc to include settings we really want.
Instead modify the compiled in default options. Those settings are
- RunAsDaemon is enabled by default.
- PidFile is set to /var/run/tor/tor.pid. No default upstream.
- default logging goes to /var/log/tor/log instead of stdout.
- DataDirectory is set to /var/lib/tor by default. No default upstream.
This is also documented in the new debian/README.Debian.
* Remove /usr/bin/tor-control.py from the binary package, it is
not really useful yet, and wasn't meant to be installed by
default.
* Change init startup script to properly deal with tor
printing stuff on startup.
tor (0.0.8+0.0.9pre5-1) unstable; urgency=low
* New upstream (pre)release.
* 04_fix_test can be backed out again.
* Make sure all patches apply cleanly.
* No longer use --pidfile, --logfile, and --runasdaemon
command line options. Set them in the configfile instead.
* Change the description slightly, to say "don't rely on the current Tor
network if you really need strong anonymity", instead of "Tor will not
provide anonymity currently".
tor (0.0.8+0.0.9pre4-1) unstable; urgency=low
* New upstream (pre)release.
* Apply patch from cvs to fix a segfault in src/or/test
(test.c, 1.131).
tor (0.0.8+0.0.9pre3-1) unstable; urgency=high
* New upstream (pre)release.
* Fixes at least one segfault that can be triggered remotely,
a format string vulnerability which probably is not exploitable,
and several assert bugs.
tor (0.0.8+0.0.9pre2-1) unstable; urgency=low
* New upstream (pre)release.
tor (0.0.8+0.0.9pre1-1) unstable; urgency=low
* New upstream (pre)release.
* Built depend on zlib1g-dev.
tor (0.0.8-1) unstable; urgency=low
* New upstream release.
tor (0.0.7.2+0.0.8rc1-1) unstable; urgency=low
* New upstream release candidate.
* Install design paper in usr/share/doc/tor, not usr/share/doc. Ooops.
tor (0.0.7.2+0.0.8pre3-1) unstable; urgency=low
* New upstream (pre)release.
* Ship AUTHORS, doc/CLIENTS, doc/FAQ, doc/HACKING, doc/TODO,
doc/tor-doc.{css,html}, doc/{rend,tor}-spec.txt with the binary package.
* Build tor-design.{pdf,ps}, wich adds new build-dependencies:
tetex-{bin,extra}, transfig, and gs.
* Support DEB_BUILD_OPTIONS option 'nodoc' to skip building tor-design.
With nodoc the build will not need tetex-{bin,extra}, transfig, and gs.
* Support DEB_BUILD_OPTIONS option 'nocheck' to skip unittests
('notest' is an alias')
* Enable coredumps by default, this is still development code.
* Modify 02_add_debian_files_in_manpage to still apply.
tor (0.0.7.2+0.0.8pre2-1) unstable; urgency=low
* New upstream (pre)release.
* Depend on python as we now have a python script: tor_resolve
tor (0.0.7.2-1) unstable; urgency=medium
* New upstream release.
Fixes another instance of that remote crash bug.
* Mention another reason why stop/reload may fail in the init script.
tor (0.0.7.1-1) unstable; urgency=medium
* New upstream release.
Fixes a bug that allows a remote crash on exit nodes.
* Logrotate var/log/tor/*log instead of just var/log/tor/log, in
case the admin wants several logs.
tor (0.0.7-1) unstable; urgency=low
* New upstream version
closes: #249893: FTBFS on ia64
tor (0.0.6.2-1) unstable; urgency=medium
* New upstream release (breaks backwards compatibility yet again).
* Recommend socat.
* Since tor is in /usr/sbin, the manpage should be in section 8, not
in section 1. Move it there, including updating the section in
the manpage itself and the reference in torify(1).
* Update debian/copyright file.
tor (0.0.6.1-1) unstable; urgency=medium
* New upstream release (breaks backwards compatibility).
tor (0.0.6-1) unstable; urgency=low
* New upstream release (breaks backwards compatibility).
tor (0.0.5+0.0.6rc4-1) unstable; urgency=low
* New upstream release candidate.
tor (0.0.5+0.0.6rc3-1) unstable; urgency=low
* New upstream release candidate.
tor (0.0.5+0.0.6rc2-1) unstable; urgency=low
* New upstream release candidate.
* Mention upstream website and mailinglist archives in long
description.
tor (0.0.5-1) unstable; urgency=low
* New upstream release.
* Upstream installs a torrc.sample file now, rather than torrc.
Keep using torrc as dpkg handles conffile upgrades.
tor (0.0.4-1) unstable; urgency=low
* New upstream release (how the version numbers fly by :).
tor (0.0.3-1) unstable; urgency=low
* New upstream release.
* Also mention that tree.h is by Niels Provos in debian/copyright.
tor (0.0.2-1) unstable; urgency=low
* New upstream release.
* Uses strlcpy and strlcat by Todd C. Miller, mention him in
debian/copyright.
tor (0.0.1+0.0.2pre27-1) unstable; urgency=low
* New upstream release.
tor (0.0.1+0.0.2pre26-1) unstable; urgency=low
* New upstream release.
* Mention log and pidfile location in tor.1.
tor (0.0.1+0.0.2pre25-1) unstable; urgency=low
* New upstream release.
tor (0.0.1+0.0.2pre24-1) unstable; urgency=low
* New upstream release.
* Do not strip binaries for now.
* Add "# ulimit -c unlimited" to tor.default
* Always enable DataDirectory.
* Actually use dpatch now (to modify upstream torrc.in)
* Wait for tor to die in init stop. Let the user know if it doesn't.
tor (0.0.1+0.0.2pre23-1) unstable; urgency=low
* New upstream release.
* The one test that always failed has been fixed: removed comment from
rules file.
tor (0.0.1+0.0.2pre22-1) unstable; urgency=low
* New upstream release.
* Upstream has moved tor back to usr/bin, but we will keep it in
usr/sbin. That's the right place and it doesn't break my tab
completion there.
tor (0.0.1+0.0.2pre21-1) unstable; urgency=low
* New upstream release.
* 0.0.2pre20-2 removed the Recommends: on privoxy rather
than tsocks (which is now required) by mistake. Fix that.
* package description: Mention that the package starts the OP by default and
that OR can be enabled in the config.
* tor moved to sbin, updating init script.
tor (0.0.1+0.0.2pre20-2) unstable; urgency=low
* Add torify script, documentation, and config file. Means we also
depend on tsocks now rather than just recommending it. Right now
we install it in debian/rules, but upcoming versions might install
it in upstream's make install target.
* There's an upstream ChangeLog file now. Enjoy!
* Add a README.privoxy file that explains how to setup privoxy to
go over tor.
* As is the case too often, the INSTALL file not only covers
installation, but also basic usage and configuration. Therefore
include it in the docs dir.
* Add a lintian override for the INSTALL file.
tor (0.0.1+0.0.2pre20-1) unstable; urgency=low
* New upstream version.
- various design paper updates
- resolve cygwin warnings
- split the token bucket into "rate" and "burst" params
- try to resolve discrepency between bytes transmitted over TLS and actual
bandwidth use
- setuid to user _before_ complaining about running as root
- fix several memleaks and double frees
- minor logging fixes
- add more debugging for logs.
- various documentation fixes and improvements
- for perforcmance testing, paths are always 3 hops, not "3 or more"
(this will go away at a later date again)
* Add dependency on adduser which was previously missing.
* Change short description to a nicer one.
tor (0.0.1+0.0.2pre19-1) unstable; urgency=low
* Initial Release (closes: #216611).
Date: Fri, 24 Dec 2010 16:17:30 +0000
Changed-By: Aron Xu <happyaron.xu at gmail.com>
Maintainer: Peter Palfrader <weasel at debian.org>
Origin: Debian/testing
https://launchpad.net/ubuntu/natty/+source/tor/0.2.1.26-6
-------------- next part --------------
Origin: Debian/testing
Format: 1.7
Date: Fri, 24 Dec 2010 16:17:30 +0000
Source: tor
Binary: tor, tor-dbg, tor-geoipdb
Architecture: source
Version: 0.2.1.26-6
Distribution: natty
Urgency: critical
Maintainer: Peter Palfrader <weasel at debian.org>
Changed-By: Aron Xu <happyaron.xu at gmail.com>
Description:
tor - anonymizing overlay network for TCP
Closes: 216611 249893 300376 312882 316753 320140 338797 349283 413728 421235 421465 447508 448001 468566 495829 514579 514580 538960 570197 604198
Files:
1b1ebcae415b5fbd2f1bf858b7a9a055 1461 net optional tor_0.2.1.26-6.dsc
f1e3794345a97a7d461020d867c669e5 95442 net optional tor_0.2.1.26-6.diff.gz
f7b30a144e1da41aa43f496bd47ffba7 2405749 net optional tor_0.2.1.26.orig.tar.gz
Changes:
tor (0.2.1.26-6) unstable; urgency=high
.
* Fix a remotely exploitable bug that could be used to crash instances
of Tor remotely by overflowing on the heap. Remote-code execution
hasn't been confirmed, but can't be ruled out (CVE-2010-1676).
* Housekeeping: Update IP address and port of directory authority gabelmoo
with data shipped in 0.2.1.28.
.
tor (0.2.1.26-5) unstable; urgency=low
.
* Since the dawn of time (0.0.2pre19-1, January 2004, initial release
of the debian package), the postinst script has changed ownership and
permissions of various trees like /var/lib/tor, /var/run/tor, and
/var/log/tor, sometimes recursively.
.
It turns out this actually is a security issue, so try to be more
conservative when fixing up modes and only chown/chgrp
/var/{lib,log,run}/tor directly, never recursively.
* Remove /var/run/tor, recursively, on purge. We already do this
for /var/lib/tor and /var/log/tor.
.
tor (0.2.1.26-4) unstable; urgency=high
.
* Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8
(0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198):
.
Do not set the tlsext_host_name extension on server SSL objects; only on
client SSL objects. We set it to immitate a browser, not a vhosting
server. This resolves an incompatibility with openssl 0.9.8p and openssl
1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha.
* Also from 0.2.1.27: Add maatuska as eighth v3 directory authority.
The directory authority servers are the trusted nodes that sign the
directory of all Tor servers. This adds an 8th authority to the
existing list, improving robustness.
* Change section from comm to net. This change was done in the
0.2.2.x tree in experimental during 0.2.2.9 (April 2010) in response
to bug #482801.
* If we have a debian/micro-revision.i, replace the one in src/or
with our copy so that this will be the revision that ends up in
the binary. This is an informational only version string, but
it'd be kinda nice if it was (more) accurate nonetheless.
(Backported from 0.2.2.2-alpha-1 from September 2009.)
.
tor (0.2.1.26-3) unstable; urgency=low
.
* Make sure the cronjob does not try to access a /var/lib/tor
that has already been removed (due to for instance package removal).
Thanks to Holger and piuparts for catching this.
.
tor (0.2.1.26-2) unstable; urgency=medium
.
* No longer set ulimit -c to unlimited:
Up until now the init script (or actually /etc/default/tor) raised
the ulimit for coredumps to unlimited, so that Tor would produce
coredumps on assert errors or segfaults. Coredumps however can
leak sensitive information, like cryptographic session keys and
clients' data should the core files get into the wrong hands. As
such it seems prudent to only enable coredumps if the user or
operator explicitly asks for them, and knows what to do with them.
* Also include a cron.weekly job that removes old coredumps from
/var/lib/tor. This action can be disabled in /etc/default/tor.
.
tor (0.2.1.26-1) unstable; urgency=low
.
* New upstream version.
* Remove debian/patches/15_testuite-thread-fixes (merged upstream).
* tor.postinst: Stop calling stat(1) with its full path.
* Add ${misc:Depends} for all three binary packages because debhelper
might want to add stuff.
.
tor (0.2.1.25-3) unstable; urgency=low
.
* Minor bugfixes to make the testsuite work on our new Octeon machines:
(taken from upstream's maint-0.2.1 branch)
- Testsuite: In the util/threads test no longer free the test_mutex
before all worker threads have finished.
- Testsuite: The master thread could starve the worker threads quite
badly on certain systems, causing them to run only partially in
the allowed window. This resulted in test failures. Now the master
thread sleeps occasionally for a few microseconds while the two
worker-threads compete for the mutex.
(both in debian/patches/15_testuite-thread-fixes)
.
tor (0.2.1.25-2) unstable; urgency=low
.
* In /etc/default/tor also source /etc/default/tor.vidalia if it exists
and if vidalia is installed. We do this so that the vidalia package
can override some of our settings: People who have vidalia installed might
not want to run Tor as a system service. The vidalia .deb can ask them
that and then set run-daemon to no.
.
tor (0.2.1.25-1) unstable; urgency=low
.
* New upstream version.
- Obsoletes patches/15_enable_renegotiation_on_098k.
* Change order of recommends from privoxy | polipo to polipo | privoxy.
[change done in experimental (0.2.2.x) long ago).
.
tor (0.2.1.23-2) unstable; urgency=low
.
* Enable ssl renegotiation also on 0.9.8k (closes: #570197).
.
tor (0.2.1.23-1) unstable; urgency=low
.
* New upstream version.
- We no longer need to build-depend on a recent libssl-dev because
Tor now detects whether we need to explicitly turn on
autonegotiation at run-time rather than compile time. Good.
(This also means we no longer need to conflict with newer
libssls when we built against an old one on backports.)
.
tor (0.2.1.22-1) unstable; urgency=medium
.
* New upstream version.
- Rotate keys (both v3 identity and relay identity) for moria1
and gabelmoo.
[and more]
.
tor (0.2.1.21-1) unstable; urgency=low
.
* New upstream version.
* Drop patches/ce0a89e2-work-with-reneg-ssl.dpatch (already in
upstream).
.
tor (0.2.1.20-2) unstable; urgency=low
.
* Pick ce0a89e2624471272ffc4950c5069d9b81a7f0b9 from maint-0.2.1 git tree:
- work with libssl that has renegotiation disabled by default.
(debian/patches/ce0a89e2-work-with-reneg-ssl.dpatch)
* Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against
earlier versions we will not work once libssl gets upgraded to a version
that disabled renegotiations.
.
tor (0.2.1.20-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.2.1.19-1) unstable; urgency=low
.
* New upstream version.
- Make accessing hidden services on 0.2.1.x work right (closes: #538960).
[More items are in the upstream changelog.]
.
tor (0.2.1.18-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.2.1.17-rc-1) experimental; urgency=low
.
* New upstream version.
* Update upstream URL in debian/copyright.
.
tor (0.2.1.16-rc-1) experimental; urgency=low
.
* New upstream version.
* No longer inform the user if/when we re-create the /var/run/tor
directory in the init script. With /var/run on tmpfs this is
completely normal now so our message was just noise.
* Stop shipping /var/run/tor in the package.
* Only clean up permissions of /var/run/tor in postinst if the
directory actually exists.
* Update Standards-Version from 3.8.0 to 3.8.1. No real changes
required, we already support nocheck in DEB_BUILD_OPTIONS since
August 2004, and we already create our var/run directory in the
init script (tho we now no longer ship it either - see above).
* Change debhelper compatibility version from 4 to 5:
- Change dh_strip call from --dbg-package=tor
to --dbg-package=tor-dbg.
- Update versioned build time dependency on debhelper.
* Forward port 06_add_compile_time_defaults.
.
tor (0.2.1.15-rc-1) experimental; urgency=low
.
* New upstream version.
* Change build time dependency on gs to ghostscript.
.
tor (0.2.1.14-rc-1) experimental; urgency=low
.
* New upstream version.
* Change Section of tor-dbg to debug.
.
tor (0.2.1.13-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.1.12-alpha-1) experimental; urgency=low
.
* New upstream version, fixing several security relevant bugs:
- Avoid a potential crash on exit nodes when processing malformed
input. Remote DoS opportunity (closes: #514579).
- Fix a temporary DoS vulnerability that could be performed by
a directory mirror (closes: #514580).
* patches/06_add_compile_time_defaults: Only set the User option in
the config if we run as root. Do not set it when run as debian-tor
as Tor then always insists on changing users which will fail. (If
we run as any other user we don't set our debian defaults anyway.)
.
tor (0.2.1.11-alpha-1) experimental; urgency=high
.
* New upstream version:
- Fixes a possible remote heap buffer overflow bug.
- torify(1) manpage mentions DNS leaks now (closes: #495829).
* README.Debian: No longer claim we change the default 'Group' setting
when run as debian-user. That setting no longer exists.
* Forward port 03_tor_manpage_in_section_8.dpatch.
.
tor (0.2.1.10-alpha-1) experimental; urgency=low
.
* New alpha release.
* Forward port 03_tor_manpage_in_section_8.dpatch.
.
tor (0.2.1.9-alpha-1) experimental; urgency=low
.
* New alpha release.
.
tor (0.2.1.8-alpha-1) experimental; urgency=low
.
* New alpha release.
.
tor (0.2.1.7-alpha-2) experimental; urgency=low
.
* No longer set now obsolete Group setting in built-in debian config.
.
tor (0.2.1.7-alpha-1) experimental; urgency=low
.
* New alpha release.
.
tor (0.2.1.6-alpha-1) experimental; urgency=low
.
* New alpha release.
* Forward port 14_fix_geoip_warning.dpatch.
.
tor (0.2.1.5-alpha-1) experimental; urgency=low
.
* New alpha release.
.
tor (0.2.1.4-alpha-1) experimental; urgency=low
.
* New alpha release.
* Do not build with openbsd's malloc unless enable-openbsd-malloc is in
DEB_BUILD_OPTIONS.
.
tor (0.2.1.2-alpha-1) experimental; urgency=low
.
* New alpha release.
.
tor (0.2.0.30-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.2.0.29-rc-2) unstable; urgency=low
.
* Upload to unstable.
.
tor (0.2.0.29-rc-1) experimental; urgency=low
.
* New upstream version.
* Warn the admin if the number of file descriptors on his system is
tiny.
.
tor (0.2.0.28-rc-1) experimental; urgency=low
.
* New upstream version.
* Remove debian/patches/11_tor_as_root_more_helpful.dpatch as
it is no longer needed: We now setuid() to the Tor user
when run as root and it all just works.
* Add comments to the dpatch headers so lintian shuts up.
* Add patches/14_fix_geoip_warning: Change geoipdb open failed message.
* Require unit tests to pass again.
.
tor (0.2.0.27-rc-1) experimental; urgency=low
.
* New upstream version.
* Add tor-geoipdb arch: all package for the geoip database.
* Update debian/rules so that there now is a binary-common target
and the binary-indep and binary-arch targets call make with
proper DH_OPTIONS options. This is taken from the template
that dh_make nowadays uses for multi-binary packages.
* Unit tests are broken, yay.
* Use ${binary:Version} to depend on the right tor binary package from
the tor-dbg package instead of ${Source-Version}. Some guy on the
internet said the latter was deprecated.
* Add Homepage: https://www.torproject.org/ field to control file.
* And mention www.tp.o instead of the old tor.eff.org in the long
description.
* No longer ignore failure of make clean in the clean target.
* Support passing of parallel=<n> in build options.
* Change declared Standards-Version to 3.8.0.
.
tor (0.2.0.26-rc-1) experimental; urgency=critical
.
* New upstream version.
* Conflict with old libssls.
* On upgrading from versions prior to, including, 0.1.2.19-2, or
from versions later than 0.2.0 and prior to 0.2.0.26-rc do the
following, and if we are a server (we have a /var/lib/tor/keys
directory)
- move /var/lib/tor/keys/secret_onion_key out of the way.
- move /var/lib/tor/keys/secret_onion_key.old out of the way.
- move /var/lib/tor/keys/secret_id_key out of the way if it was
created on or after 2006-09-17, which is the day the bad
libssl was uploaded to Debian unstable.
* Add a NEWS file explaining this change.
.
tor (0.2.0.24-rc-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.23-rc-1) experimental; urgency=low
.
* New upstream version.
* Mention OpenBSD_malloc_Linux.c in debian/copyright.
* Add a recommends on logrotate.
.
tor (0.2.0.22-rc-1) experimental; urgency=low
.
* New upstream version.
* Work around fig2dev failing to build the images on all archs
(re #457568).
* Build with --enable-openbsd-malloc, unless no-enable-openbsd-malloc is
found in DEB_BUILD_OPTIONS. Hopefully this deals with some of the
horrible memory fragmentation that glibc's malloc causes.
.
tor (0.2.0.21-rc-1) experimental; urgency=low
.
* New upstream version.
* Run --verify-config before start/reload/restart as root. No longer
su - to debian-tor tor run it. Given that we now even start Tor as
root (it setuids later on) this should be fine (closes: #468566).
.
tor (0.2.0.20-rc-1) experimental; urgency=low
.
* New upstream version.
* Change the default for MAX_FILEDESCRIPTORS in our init script to depend
on the number of system-wide available file descriptors:
/proc/sys/fs/file-max is bigger than 80k, set ulimit -n to 32k, if it's
greater than 40k set the limit to 16k, and when greater than 10k our limit
shall be 8k descriptors. If there are less than 20k FDs in the entire
system default to a limit of only 1024.
.
Big servers at the moment regularly use more than 10k FDs, so our old
default of 8k no longer is sufficient. On the other hand we don't want
lower end systems to run out of FDs on Tor's account.
* If we run as root also apply debian defaults.
* Add User=debian-tor and Group=debian-tor to debian defaults. That allows
us to start Tor as root and have it setuid/setgid to the target user.
* Change the init script to start Tor as root. Now we should be able to
bind to low port.
.
tor (0.2.0.19-alpha-1) experimental; urgency=low
.
* New upstream version.
* It's 2008. Now is the time to add copyright statements for 2007.
* Forward port 03_tor_manpage_in_section_8.dpatch.
.
tor (0.2.0.18-alpha-2) experimental; urgency=low
.
* Work around fig2dev failing to build the images on mipsel like we do on
sparc and s390 (re #457568)
* Fix postinst find command that chowns stuff to the right user. Find
does weird things in the presence of !.
.
tor (0.2.0.18-alpha-1) experimental; urgency=low
.
* New upstream version.
* postinst: Remove the check that requires the debian-tor user
to have a uid between 100 and 999. There is no good reason
to require this. If the local admin moves the system users/uid-space
to some other range then they probably have a good reason for that.
* postinst: change wording if debian-tor's homedir is wrong, do not
print anything if it is ok.
* postinst: We were only fixing the permissions of /var/{lib,run,log}/tor
when we were not upgrading. Unfortunately the check doesn't work all
that well usually in cases where the package was removed (not purged)
and then later re-installed again. Now we ensure proper ownership
and modes for all the directories and files below /var/{lib,run,log}/tor
(the dirs themselves included) every time we run postinst.
* postinst: if we reboot between unpacking and configuring on some smart
systems this will mean that we just lost /var/run/tor - creating it
in the maintainer script if it doesn't exist.
* Create logfiles in logrotate so that they come into the world with the
correct mode (o-r).
.
tor (0.2.0.17-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.15-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.14-alpha-1) experimental; urgency=low
.
* New upstream version.
* Remove 13_r12907-fix-unit-tests.dpatch (Fix unit tests from HEAD) again -
it's included upstream.
* Work around fig2dev failing to build the images on sparc like we do on
s390.
.
tor (0.2.0.13-alpha-1) experimental; urgency=low
.
* New upstream version.
* Fix unit tests from HEAD (13_r12907-fix-unit-tests.dpatch).
.
tor (0.2.0.12-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.11-alpha-1) experimental; urgency=low
.
* New upstream version.
* remove 12_r12235_do_not_crash_when_myfamily_is_set again, it's
now part of upstream.
.
tor (0.2.0.9-alpha-2) experimental; urgency=low
.
* Do not separate required lsb facilities with commas in the
init script (closes: #448001).
* Add 12_r12235_do_not_crash_when_myfamily_is_set.dpatch,
from trunk/head.
.
tor (0.2.0.9-alpha-1) experimental; urgency=low
.
* New upstream version.
* Only create pid dir if we are about to start Tor (Luca Capello,
closes: #447508).
.
tor (0.2.0.8-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.7-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.6-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.5-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.4-alpha-1) experimental; urgency=high
.
* New upstream version.
.
tor (0.2.0.3-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.2-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.2.0.1-alpha-1) experimental; urgency=low
.
* New upstream version.
* Forward port 06_add_compile_time_defaults.
* teTeX is no more, long live TeX Live:
- remove build depends on tetex-bin, tetex-extra,
- add build depends on texlive-base-bin for dvips and bibtex,
texlive-latex-base for latex, and texlive-fonts-recommended for fonts
like ptmr7t.
.
tor (0.1.2.19-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.2.18-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.2.17-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.2.16-1) unstable; urgency=high
.
* New upstream version.
.
tor (0.1.2.15-1) unstable; urgency=low
.
* New upstream version.
* Change build-depends from tetex to texlive suite.
.
tor (0.1.2.14-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.2.13-3) unstable; urgency=low
.
* Always give a shell (/bin/sh) when we use su(1) in our init script
(closes: #421465).
.
tor (0.1.2.13-2) unstable; urgency=low
.
* In options_init_from_torrc()'s error path only config_free() options
if they already have been initialized (closes: #421235).
.
tor (0.1.2.13-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.2.12-rc-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.1.2.10-rc-1) experimental; urgency=low
.
* New upstream version.
* Change recommends on privoxy to privoxy | polipo (>= 1) (closes: #413728).
.
tor (0.1.2.8-beta-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.1.2.7-alpha-1) experimental; urgency=low
.
* New upstream version.
* Install all the spec files into usr/share/doc/tor/spec now.
They moved to doc/spec/* from just doc/* in the source too.
.
tor (0.1.2.6-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.1.2.5-alpha-1) experimental; urgency=low
.
* New upstream version.
* Disable 02_add_debian_files_in_manpage.dpatch for now.
.
tor (0.1.2.4-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.1.2.3-alpha-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.1.2.2-alpha-1) experimental; urgency=low
.
[ Peter Palfrader ]
* New upstream version.
.
[ Roger Dingledine ]
* Minor update of debian/copyright.
.
tor (0.1.2.1-alpha-1) experimental; urgency=low
.
* Forward port 07_log_to_file_by_default.dpatch.
* Previously our defaults for DataDirectory, PidFile, RunAsDaemon, and
Log differed from upstreams. Now Tor behaves just like before (with
our own DataDirectory and all) only when run as the debian-tor user.
If invoked as any other user, Tor will behave just like the pristine
upstream version.
* Tell users about the init script when they try to run Tor as root.
Should we also do this when they try to run their Tor as any other
(non root, non debian-tor) user? - add 11_tor_as_root_more_helpful
* Use tor --verify-config before start and reload. Abort init script
with exit 1 if config does not verify.
* Change Standards-Version to 3.7.2. No changes required.
.
tor (0.1.1.26-1) unstable; urgency=high
.
* New upstream version (Stop sending the HttpProxyAuthenticator string to
directory servers when directory connections are tunnelled through Tor).
.
tor (0.1.1.25-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.1.24-1) unstable; urgency=low
.
* New upstream version.
* Update debian/copyright:
- tree.h has vanished somewhere along the current branch
- ht.h is new and credits Christopher Clark
- We didn't mention Matej Pfajfar's copyright before.
* Forward port 07_log_to_file_by_default.
.
tor (0.1.1.23-1) unstable; urgency=medium
.
* New upstream version.
.
tor (0.1.1.22-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.1.21-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.1.20-1) unstable; urgency=low
.
* New upstream stable release: The 0.1.1.x tree is now the new stable
tree. Upload to unstable rather than experimental.
.
tor (0.1.1.19-rc-1) experimental; urgency=low
.
* New upstream version.
* Remove support for my nodoc DEB_BUILD_OPTIONS variable. It clutters
stuff and I haven't used it in ages.
* Update debian/tor.docs file.
.
tor (0.1.1.18-rc-1) experimental; urgency=low
.
* New upstream version.
* update debian/tor.doc:
- no longer ship INSTALL and README files, they are useless now.
- doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html,
doc/tor-hidden-service.html, doc/tor-switchproxy.html got replaced
by doc/website/stylesheet.css and doc/website/tor-* which is more
or less the same, only taken from the website. Some links are
probably broken still, but this should get fixed eventually.
.
tor (0.1.1.17-rc-1) experimental; urgency=low
.
* New upstream version.
* Forward port patches/07_log_to_file_by_default.
.
tor (0.1.1.16-rc-1) experimental; urgency=low
.
* New upstream version.
.
tor (0.1.1.15-rc-1) experimental; urgency=low
.
* New upstream version.
* Apparently passing --host to configure when not cross-compiling
is evil now and greatly confuses configure. So don't do it unless it
actually differs from --build host.
.
tor (0.1.1.14-alpha-1) experimental; urgency=low
.
* New upstream version.
* Include 0.1.0.17 changelog in experimental tree.
* doc/FAQ is no longer shipped, so remove it from debian/tor.docs.
.
tor (0.1.1.13-alpha-1) experimental; urgency=low
.
* New upstream version.
* Forward port patches/02_add_debian_files_in_manpage.
* Forward port patches/03_tor_manpage_in_section_8.
* Create /var/run/tor on init script start if it does
not exist already.
* Set default ulimit -n to 8k instead of 4k in /etc/default/tor.
* Print that we're raising the ulimit to stdout in the init script.
* Add CVE numbers to past issues in the changelog where applicable.
.
tor (0.1.1.12-alpha-1) experimental; urgency=low
.
* New upstream version, that was a quick one. :)
* Forward port patches/02_add_debian_files_in_manpage.
.
tor (0.1.1.11-alpha-1) experimental; urgency=low
.
* New upstream version.
- Implement "entry guards": automatically choose a handful of entry
nodes and stick with them for all circuits. This will increase
security dramatically against certain end-point attacks
(closes: #349283, CVE-2006-0414).
* Forward port patches/07_log_to_file_by_default.
* Forward port 0.1.0.16 changelog and change to copyright file.
.
tor (0.1.1.10-alpha-1) experimental; urgency=low
.
* New upstream version.
* doc/tor-doc.css and doc/tor-doc.html are no longer in the upstream
tarball, remove them from debian/tor.docs.
* add the following new files to tor.docs: doc/socks-extensions.txt,
doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html
.
tor (0.1.1.9-alpha-1) experimental; urgency=low
.
* New upstream version.
* Remove 08_add_newlines_between_serverdescriptors.dpatch.
* Update 06_add_compile_time_defaults.dpatch
* Use bin/bash for the init script instead of bin/sh. We are using
ulimit -n which is not POSIX (closes: #338797).
* Remove the EVENT_NOEPOLL block from etc/default/tor.
* Add an ARGS block to etc/default/tor as suggested in #338425.
.
tor (0.1.1.8-alpha-1) experimental; urgency=low
.
* New upstream version.
* Add patch from CVS to
"Insert a newline between all router descriptors when generating (old
style) signed directories, in case somebody was counting on that".
r1.247 of dirserv.c, <20051008060243.85F41140808C at moria.seul.org>
.
tor (0.1.1.7-alpha-1) experimental; urgency=low
.
* New upstream version.
* More merging from 0.1.0.14+XXXX:
- The tor-dbg package does not really need its own copy of copyright
and changelog in usr/share/doc/tor-dbg.
* Forward port 03_tor_manpage_in_section_8.dpatch
.
tor (0.1.1.6-alpha-2) experimental; urgency=low
.
* Merge 0.1.0.14+XXXX changes.
.
tor (0.1.1.6-alpha-1) experimental; urgency=low
.
* Experimental upstream version.
.
tor (0.1.1.5-alpha-cvs-1) UNRELEASED; urgency=low
.
* Even more experimental cvs snapshot.
* Testsuite is mandatory again.
* Forward port 03_tor_manpage_in_section_8.dpatch
* Forward port 06_add_compile_time_defaults.dpatch
.
tor (0.1.1.5-alpha-1) UNRELEASED; urgency=low
.
* Experimental upstream version.
* Allow test suite to fail, it's broken in this version.
* Update list of files from doc/ that should be installed.
* Forward port debian/ patches.
.
tor (0.1.0.17-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.1.0.16-1) unstable; urgency=low
.
* New upstream version.
* Update copyright file for 2006.
.
tor (0.1.0.15-1) unstable; urgency=low
.
* New upstream release.
* Forward port 03_tor_manpage_in_section_8.
.
tor (0.1.0.14-2) unstable; urgency=low
.
* Ship debugging information in a separate package now, instead
of simply not stripping tor. This is still useful while tor is
young. Ideally it would go away some time.
* Add LSB comments to init script as suggested by Petter Reinholdtsen
on the debian-devel list:
- http://lists.debian.org/debian-devel/2005/08/msg01172.html
- http://wiki.debian.net/?LSBInitScripts
* Work around broken chroots that do not resolve localhost or resolve
it to the wrong IP. We now catch such cases in debian/rules, shout
at the buildd maintainer, and ignore the result of our test suite.
.
tor (0.1.0.14-1) unstable; urgency=high
.
* New upstream version - changes, among others:
- Fixes the other half of the bug with crypto handshakes (CVE-2005-2643).
* Since gs-gpl on s390 is broken (#321435) and unable to
build PDFs of our images for the design paper this version
ships them in the source and uses them on s390, should building
them from source really fail.
* Increase standards-version from 3.6.1 to 3.6.2. No changes
necessary.
.
tor (0.1.0.13-1) unstable; urgency=high
.
* New upstream version:
- Explicitly set no-unaligned-access for sparc in configure.in.
it turns out the new gcc's let you compile broken code, but
that doesn't make it not-broken (closes: #320140).
- Fix a critical bug in the security of our crypto handshakes.
(Therefore set urgency to high).
and more (see upstream changelog).
* Slightly improve init script to give you proper error messages when
you do not run it as root.
.
tor (0.1.0.12-1) unstable; urgency=medium
.
* New upstream version:
- New IP for tor26 directory server,
- fix a possible double-free in tor_gzip_uncompress,
- and more (see upstream changelog).
.
tor (0.1.0.11-1) unstable; urgency=high
.
* New upstream version (closes: #316753):
- Fixes a serious bug: servers now honor their exit policies -
In 0.1.0.x only clients enforced them so far. 0.0.9.x is
not affected.
* Build depend on libevent-dev >= 1.1.
* Urgency high because 0.0.9.10-1 did not make it into testing after
like 3 weeks because of an impending ftp-master move. So I might
just as well upload this one.
.
tor (0.1.0.10-0.pre.1) UNRELEASED; urgency=low
.
* New upstream version.
* Add a watch file.
* Forward port 03_tor_manpage_in_section_8.
* Forward port 06_add_compile_time_defaults.
* Add libevent-dev to build-depends.
* Update URL to tor in debian/control and debian/copyright.
* Add a snippet to disable epoll in etc/default/tor, commented out.
* Add a snippet to set nice level in etc/default/tor.
* Wait for 60 seconds in init stop. 35 is too little.
* Don't depend on python anymore - tor-resolve is C now.
* If "with-dmalloc" is in DEB_BUILD_OPTIONS we build against libdmalloc4.
Of course the -dev package needs to be installed.
* Update README.Debian to say that upstream now does have a default
for DataDirectory.
* Don't fail in the init script when we cannot raise the ulimit.
Instead just warn a bit (closes: #312882).
.
tor (0.0.9.10-1) unstable; urgency=high
.
* While we're waiting for a newer libevent to enter sid, make another
upload of the 0.0.9.x tree:
- Refuse relay cells that claim to have a length larger than the
maximum allowed. This prevents a potential attack that could read
arbitrary memory (e.g. keys) from an exit server's process
(CVE-2005-2050).
.
tor (0.0.9.9-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.0.9.8-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.0.9.7-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.0.9.6-1) unstable; urgency=low
.
* New upstream version.
* Upstream used newer auto* tools, so hopefully the new config.sub
and config.guess files (2003-08-18) are good enough to build
tor on ppc64 (closes: #300376: FTBFS on ppc64).
.
tor (0.0.9.5-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.0.9.4-1) unstable; urgency=low
.
* New upstream version.
* Set ulimit for file descriptors to 4096 in our init
script.
* Use SIGINT to shutdown tor. That way - if you are a server -
tor will stop accepting new connections immediately, and
give existing connections a grace period of 30 seconds in
which they might complete their task. If you just run a
client it should make no difference.
.
tor (0.0.9.3-1) unstable; urgency=low
.
* New upstream version.
* Forward port 07_log_to_file_by_default.
.
tor (0.0.9.2-1) unstable; urgency=low
.
* New upstream version.
* Update debian/copyright (it's 2005).
* Add sharedscripts tor logrotate.d/tor.
.
tor (0.0.9.1-1) unstable; urgency=low
.
* New upstream version.
.
tor (0.0.8+0.0.9rc7-1) unstable; urgency=medium
.
* New upstream release (candidate).
For real this time. Looks like our rc6 orig.tar.gz
was in fact the rc5 one.
* forward port patches/07_log_to_file_by_default
.
tor (0.0.8+0.0.9rc6-1) unstable; urgency=medium
.
* New upstream release (candidate).
- cleans up more integer underflows that don't look exploitable.
But one never knows (-> medium).
* Remove those 'date' calls in debian/rules again that were
added in rc5-1.
.
tor (0.0.8+0.0.9rc5-1) unstable; urgency=medium
.
* New upstream release (candidate).
- medium because it fixes an integer overflow that might
be exploitable, but doesn't seem to be currently.
* Add a few 'date' calls in debian/rules, so I can see how long
building the docs take on autobuilders.
.
tor (0.0.8+0.0.9rc3-1) unstable; urgency=low
.
* New upstream release (candidate).
.
tor (0.0.8+0.0.9rc2-1) unstable; urgency=low
.
* New upstream release (candidate).
* Nick's patch is now part of upstream, remove it from
the debian diff.
.
tor (0.0.8+0.0.9rc1-1) unstable; urgency=low
.
* New upstream release (candidate).
* Apply nick's patch against config.c (1.267) to handle
absense of units in BandwidthRate.
.
tor (0.0.8+0.0.9pre6-1) unstable; urgency=low
.
* New upstream (pre)release.
* Install control-spec.txt into usr/share/doc/tor/.
.
tor (0.0.8+0.0.9pre5-2) unstable; urgency=low
.
* Symlink tor(8) manpage to torrc(5).
* Make logs readable by the system administrators (group adm).
* Point to /var/log/tor (the directory) instead of a single
file (/var/log/tor/log) in the debian patch of the manpage.
* Do not patch the default torrc to include settings we really want.
Instead modify the compiled in default options. Those settings are
.
- RunAsDaemon is enabled by default.
- PidFile is set to /var/run/tor/tor.pid. No default upstream.
- default logging goes to /var/log/tor/log instead of stdout.
- DataDirectory is set to /var/lib/tor by default. No default upstream.
.
This is also documented in the new debian/README.Debian.
* Remove /usr/bin/tor-control.py from the binary package, it is
not really useful yet, and wasn't meant to be installed by
default.
* Change init startup script to properly deal with tor
printing stuff on startup.
.
tor (0.0.8+0.0.9pre5-1) unstable; urgency=low
.
* New upstream (pre)release.
* 04_fix_test can be backed out again.
* Make sure all patches apply cleanly.
* No longer use --pidfile, --logfile, and --runasdaemon
command line options. Set them in the configfile instead.
* Change the description slightly, to say "don't rely on the current Tor
network if you really need strong anonymity", instead of "Tor will not
provide anonymity currently".
.
tor (0.0.8+0.0.9pre4-1) unstable; urgency=low
.
* New upstream (pre)release.
* Apply patch from cvs to fix a segfault in src/or/test
(test.c, 1.131).
.
tor (0.0.8+0.0.9pre3-1) unstable; urgency=high
.
* New upstream (pre)release.
* Fixes at least one segfault that can be triggered remotely,
a format string vulnerability which probably is not exploitable,
and several assert bugs.
.
tor (0.0.8+0.0.9pre2-1) unstable; urgency=low
.
* New upstream (pre)release.
.
tor (0.0.8+0.0.9pre1-1) unstable; urgency=low
.
* New upstream (pre)release.
* Built depend on zlib1g-dev.
.
tor (0.0.8-1) unstable; urgency=low
.
* New upstream release.
.
tor (0.0.7.2+0.0.8rc1-1) unstable; urgency=low
.
* New upstream release candidate.
* Install design paper in usr/share/doc/tor, not usr/share/doc. Ooops.
.
tor (0.0.7.2+0.0.8pre3-1) unstable; urgency=low
.
* New upstream (pre)release.
* Ship AUTHORS, doc/CLIENTS, doc/FAQ, doc/HACKING, doc/TODO,
doc/tor-doc.{css,html}, doc/{rend,tor}-spec.txt with the binary package.
* Build tor-design.{pdf,ps}, wich adds new build-dependencies:
tetex-{bin,extra}, transfig, and gs.
* Support DEB_BUILD_OPTIONS option 'nodoc' to skip building tor-design.
With nodoc the build will not need tetex-{bin,extra}, transfig, and gs.
* Support DEB_BUILD_OPTIONS option 'nocheck' to skip unittests
('notest' is an alias')
* Enable coredumps by default, this is still development code.
* Modify 02_add_debian_files_in_manpage to still apply.
.
tor (0.0.7.2+0.0.8pre2-1) unstable; urgency=low
.
* New upstream (pre)release.
* Depend on python as we now have a python script: tor_resolve
.
tor (0.0.7.2-1) unstable; urgency=medium
.
* New upstream release.
Fixes another instance of that remote crash bug.
* Mention another reason why stop/reload may fail in the init script.
.
tor (0.0.7.1-1) unstable; urgency=medium
.
* New upstream release.
Fixes a bug that allows a remote crash on exit nodes.
* Logrotate var/log/tor/*log instead of just var/log/tor/log, in
case the admin wants several logs.
.
tor (0.0.7-1) unstable; urgency=low
.
* New upstream version
closes: #249893: FTBFS on ia64
.
tor (0.0.6.2-1) unstable; urgency=medium
.
* New upstream release (breaks backwards compatibility yet again).
* Recommend socat.
* Since tor is in /usr/sbin, the manpage should be in section 8, not
in section 1. Move it there, including updating the section in
the manpage itself and the reference in torify(1).
* Update debian/copyright file.
.
tor (0.0.6.1-1) unstable; urgency=medium
.
* New upstream release (breaks backwards compatibility).
.
tor (0.0.6-1) unstable; urgency=low
.
* New upstream release (breaks backwards compatibility).
.
tor (0.0.5+0.0.6rc4-1) unstable; urgency=low
.
* New upstream release candidate.
.
tor (0.0.5+0.0.6rc3-1) unstable; urgency=low
.
* New upstream release candidate.
.
tor (0.0.5+0.0.6rc2-1) unstable; urgency=low
.
* New upstream release candidate.
* Mention upstream website and mailinglist archives in long
description.
.
tor (0.0.5-1) unstable; urgency=low
.
* New upstream release.
* Upstream installs a torrc.sample file now, rather than torrc.
Keep using torrc as dpkg handles conffile upgrades.
.
tor (0.0.4-1) unstable; urgency=low
.
* New upstream release (how the version numbers fly by :).
.
tor (0.0.3-1) unstable; urgency=low
.
* New upstream release.
* Also mention that tree.h is by Niels Provos in debian/copyright.
.
tor (0.0.2-1) unstable; urgency=low
.
* New upstream release.
* Uses strlcpy and strlcat by Todd C. Miller, mention him in
debian/copyright.
.
tor (0.0.1+0.0.2pre27-1) unstable; urgency=low
.
* New upstream release.
.
tor (0.0.1+0.0.2pre26-1) unstable; urgency=low
.
* New upstream release.
* Mention log and pidfile location in tor.1.
.
tor (0.0.1+0.0.2pre25-1) unstable; urgency=low
.
* New upstream release.
.
tor (0.0.1+0.0.2pre24-1) unstable; urgency=low
.
* New upstream release.
* Do not strip binaries for now.
* Add "# ulimit -c unlimited" to tor.default
* Always enable DataDirectory.
* Actually use dpatch now (to modify upstream torrc.in)
* Wait for tor to die in init stop. Let the user know if it doesn't.
.
tor (0.0.1+0.0.2pre23-1) unstable; urgency=low
.
* New upstream release.
* The one test that always failed has been fixed: removed comment from
rules file.
.
tor (0.0.1+0.0.2pre22-1) unstable; urgency=low
.
* New upstream release.
* Upstream has moved tor back to usr/bin, but we will keep it in
usr/sbin. That's the right place and it doesn't break my tab
completion there.
.
tor (0.0.1+0.0.2pre21-1) unstable; urgency=low
.
* New upstream release.
* 0.0.2pre20-2 removed the Recommends: on privoxy rather
than tsocks (which is now required) by mistake. Fix that.
* package description: Mention that the package starts the OP by default and
that OR can be enabled in the config.
* tor moved to sbin, updating init script.
.
tor (0.0.1+0.0.2pre20-2) unstable; urgency=low
.
* Add torify script, documentation, and config file. Means we also
depend on tsocks now rather than just recommending it. Right now
we install it in debian/rules, but upcoming versions might install
it in upstream's make install target.
* There's an upstream ChangeLog file now. Enjoy!
* Add a README.privoxy file that explains how to setup privoxy to
go over tor.
* As is the case too often, the INSTALL file not only covers
installation, but also basic usage and configuration. Therefore
include it in the docs dir.
* Add a lintian override for the INSTALL file.
.
tor (0.0.1+0.0.2pre20-1) unstable; urgency=low
.
* New upstream version.
- various design paper updates
- resolve cygwin warnings
- split the token bucket into "rate" and "burst" params
- try to resolve discrepency between bytes transmitted over TLS and actual
bandwidth use
- setuid to user _before_ complaining about running as root
- fix several memleaks and double frees
- minor logging fixes
- add more debugging for logs.
- various documentation fixes and improvements
- for perforcmance testing, paths are always 3 hops, not "3 or more"
(this will go away at a later date again)
* Add dependency on adduser which was previously missing.
* Change short description to a nicer one.
.
tor (0.0.1+0.0.2pre19-1) unstable; urgency=low
.
* Initial Release (closes: #216611).
More information about the Natty-changes
mailing list