-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Jan 2011 23:26:03 CET Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: source all i386 Version: 0.2.1.29-1~lenny+1 Distribution: stable-security Urgency: high Maintainer: Peter Palfrader Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Changes: tor (0.2.1.29-1~lenny+1) stable-security; urgency=high . * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. Checksums-Sha256: 02575897343609f97b8e5c8603bebb42af644923e577b6747dffd9fccd9a313a 1493 tor_0.2.1.29-1~lenny+1.dsc 0545724fe8a0202fdfa5504fbcd08389799aded2a99b882eb8fbac7a0bd9334e 83582 tor_0.2.1.29-1~lenny+1.diff.gz f9381697b1914e83008e01d258142bbb8799bb9c9dbf46baba8dc6b8293c6c2d 1108554 tor-geoipdb_0.2.1.29-1~lenny+1_all.deb db45af5afa31165420118012212352c73a76a26a824b0f5f6532ffae093588ae 1129240 tor_0.2.1.29-1~lenny+1_i386.deb d4ada6bb02e37efcc0589eee74bdb8b37eb8980ad70521e0f8c20bd7ca58afcd 916442 tor-dbg_0.2.1.29-1~lenny+1_i386.deb 070d314effd6c08f8b5a8a1ebb4f5c3af644d48a9e38e9cba34fd3f2e981ec64 2521399 tor_0.2.1.29.orig.tar.gz Checksums-Sha1: 4c5e76e1ec75742522a2613f0da795a86071ada9 1493 tor_0.2.1.29-1~lenny+1.dsc 8bc02384fa4d53cb9ff217f5e66a073010f7c090 83582 tor_0.2.1.29-1~lenny+1.diff.gz 1ddb6cdd10b73bccccfc2ed86f0b8d444ca36106 1108554 tor-geoipdb_0.2.1.29-1~lenny+1_all.deb d1ec4a2ed8f8392b61b09b6c11b6a71cb14e90d2 1129240 tor_0.2.1.29-1~lenny+1_i386.deb 3d1554b3b167bb1233312437a985ce360997af3e 916442 tor-dbg_0.2.1.29-1~lenny+1_i386.deb cd534b99c91070504f4e70008ab8940a816b5bc6 2521399 tor_0.2.1.29.orig.tar.gz Files: 53fae3e3fb940ec1ec57af03c3c47622 1493 net optional tor_0.2.1.29-1~lenny+1.dsc 8ee47255982befd7cdf5591f7a4367de 83582 net optional tor_0.2.1.29-1~lenny+1.diff.gz 1e506d70deed3aa7c3dc149bafa938a4 1108554 net extra tor-geoipdb_0.2.1.29-1~lenny+1_all.deb f4bc01985e91cbe90ebd51a5e131265e 1129240 net optional tor_0.2.1.29-1~lenny+1_i386.deb f98755287f2c6980af3dc40641c0cfe5 916442 debug extra tor-dbg_0.2.1.29-1~lenny+1_i386.deb 1cd4feea84f2b066717b500d090bcf65 2521399 net optional tor_0.2.1.29.orig.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJNM3CHAAoJEDTSCgbh3sV3ZJoH/0Jy46SUhhjnmEbynrt6xzrB aiqIZ21GsqtT3fsZ45hVK+lsCAVaDgvXbnmi6bSkQqR+BxWGEEmLNWnDxWOpqO+K 4l3g6P3h0g480JP+PMpDmCLdGousa4XjQYd7Qljf1hH+dwEGn3FNyqKuc9OnvCQy jMzX3UIW7Zc9Ue4nX6L3Qvw0+X9c8+HOm1JEHC4rpUBBP/LuwMc7C2tLo8gHDlKl y7KNOObde8tEXgX1wVorlnGOefDbgnnV6BUnSC5RjGMqjWEQxVPbOLwWBvkhewLy Wfj9mPjGZntzm7F/vtxplXU7cRIZ4LyL5uddeJtYwXf0MV2jCDDAGs5YsSUJsgo= =g8sP -----END PGP SIGNATURE-----