-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Jan 2011 22:44:47 +0100 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: sparc Version: 0.2.1.29-1~lenny+1 Distribution: stable-security Urgency: high Maintainer: sparc Build Daemon (schroeder) Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Changes: tor (0.2.1.29-1~lenny+1) stable-security; urgency=high . * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. Checksums-Sha1: ace57723cf26d729360b08a53c9f4ea42208f611 1134358 tor_0.2.1.29-1~lenny+1_sparc.deb 478bdb716a52e1469df29eb686970eb6aa0d6644 838428 tor-dbg_0.2.1.29-1~lenny+1_sparc.deb Checksums-Sha256: 90cdf8ca1ed2f71b1202b8324e81a12786ce2e217935f6bd2375eb87e1a8e257 1134358 tor_0.2.1.29-1~lenny+1_sparc.deb e66e95ac6fba3eb699933e9b63c3b94e386464ed111a6c2807be3b26662792f6 838428 tor-dbg_0.2.1.29-1~lenny+1_sparc.deb Files: fb4b276dd64229218fd61e309ddad977 1134358 net optional tor_0.2.1.29-1~lenny+1_sparc.deb 815970258687f50b16789c1715302d59 838428 debug extra tor-dbg_0.2.1.29-1~lenny+1_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk00PxYACgkQeGfVPHR5Nd2R1ACgngaKKrbpYvhcZj5eB7vl9622 ruAAn2bc54LAz3g1nUdwFmqgDHFxTrCG =ocHn -----END PGP SIGNATURE-----