See https://gitlab.torproject.org/tpo/core/tor/-/commit/7aa496a2e057bb7c3cc284a04a1a4d2941c304f1. o Major bugfixes (TROVE-2023-004, relay): - Mitigate an issue when Tor compiled with OpenSSL can crash during handshake with a remote relay. Fixes bug 40874; bugfix on 0.2.7.2-alpha.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9b0f69c9bf89f33e458a0d6e07fa11b847742666 commit 9b0f69c9bf89f33e458a0d6e07fa11b847742666 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-11-03 15:38:04 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-11-03 15:38:26 +0000 net-vpn/tor: add 0.4.8.8 Bug: https://bugs.gentoo.org/916759 Signed-off-by: Sam James <sam@gentoo.org> net-vpn/tor/Manifest | 3 + net-vpn/tor/tor-0.4.8.8.ebuild | 177 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 180 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f232b4efc5f1bfb9068b808527197e357f505c70 commit f232b4efc5f1bfb9068b808527197e357f505c70 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-11-03 15:33:44 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-11-03 15:38:17 +0000 net-vpn/tor: add 0.4.7.16 Bug: https://bugs.gentoo.org/916759 Signed-off-by: Sam James <sam@gentoo.org> net-vpn/tor/Manifest | 3 + net-vpn/tor/tor-0.4.7.16.ebuild | 167 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 170 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7102d5944702889c29e3f0a08640c67255f075a4 commit 7102d5944702889c29e3f0a08640c67255f075a4 Author: Sam James <sam@gentoo.org> AuthorDate: 2024-07-17 05:26:15 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-07-17 05:53:00 +0000 net-vpn/tor: drop 0.4.7.13-r1, 0.4.7.16, 0.4.7.16-r1, 0.4.8.10 Bug: https://bugs.gentoo.org/916759 Bug: https://bugs.gentoo.org/917142 Signed-off-by: Sam James <sam@gentoo.org> net-vpn/tor/Manifest | 9 - net-vpn/tor/files/tor-0.4.7.13-libressl.patch | 202 ------------ net-vpn/tor/files/tor-0.4.7.16-arm64-sandbox.patch | 337 --------------------- net-vpn/tor/tor-0.4.7.13-r1.ebuild | 149 --------- net-vpn/tor/tor-0.4.7.16-r1.ebuild | 180 ----------- net-vpn/tor/tor-0.4.7.16.ebuild | 167 ---------- net-vpn/tor/tor-0.4.8.10.ebuild | 189 ------------ 7 files changed, 1233 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=efa55227db2e144cbd8ee1ef7f7b88bb2c0b30e0 commit efa55227db2e144cbd8ee1ef7f7b88bb2c0b30e0 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-09-24 05:15:39 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-09-24 05:16:12 +0000 [ GLSA 202409-24 ] Tor: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/916759 Bug: https://bugs.gentoo.org/917142 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202409-24.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+)