-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Jan 2011 22:44:47 +0100 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: hppa Version: 0.2.1.29-1~lenny+1 Distribution: stable-security Urgency: high Maintainer: hppa Build Daemon (peri) Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Changes: tor (0.2.1.29-1~lenny+1) stable-security; urgency=high . * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. Checksums-Sha1: 9baafdad84ec64c3a9ab93a1dea2d9b00337e880 1181782 tor_0.2.1.29-1~lenny+1_hppa.deb b33e93ae9ca4e748afbde5aa2e84f4300f79cb58 928712 tor-dbg_0.2.1.29-1~lenny+1_hppa.deb Checksums-Sha256: c312c9f60519968762c4aa23a9cdaa14e60c2b3476e69f09ed63ec24a9c7457c 1181782 tor_0.2.1.29-1~lenny+1_hppa.deb a6d6847b6bbe633d7bb72e7264728f0c8a78cda90596b18b595f7a3583a14465 928712 tor-dbg_0.2.1.29-1~lenny+1_hppa.deb Files: 7617798829948050408b4b9bafbd2880 1181782 net optional tor_0.2.1.29-1~lenny+1_hppa.deb 6bbc52a0b8404fd682fed3451c1b2418 928712 debug extra tor-dbg_0.2.1.29-1~lenny+1_hppa.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk00fQ4ACgkQXm3vHE4uylotjgCfZzOzsY/D1FS1g+S14IZJFkcV jrEAnRxsq/45V0j2wzXBqZn5qfqyd04Y =g+39 -----END PGP SIGNATURE-----