-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Jan 2011 22:44:47 +0100 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: mipsel Version: 0.2.1.29-1~lenny+1 Distribution: stable-security Urgency: high Maintainer: mipsel Build Daemon (mayer) Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Changes: tor (0.2.1.29-1~lenny+1) stable-security; urgency=high . * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. Checksums-Sha1: b922d4fe0dd0e0cf2608e90c39caed9dc1032c27 1187286 tor_0.2.1.29-1~lenny+1_mipsel.deb 246fc30f6ff487a59df0770d904be59f344f2145 965146 tor-dbg_0.2.1.29-1~lenny+1_mipsel.deb Checksums-Sha256: 1fa57d4162c21f7b8a0af42d4539180ce2b5c990e4a0771a40fa5f28aedea436 1187286 tor_0.2.1.29-1~lenny+1_mipsel.deb 96fee204595835b86142c33a5d111b7085cbd9370f40fadfa9132d3e29abbe13 965146 tor-dbg_0.2.1.29-1~lenny+1_mipsel.deb Files: a0c4aec5cc12226a625caee2b0949f46 1187286 net optional tor_0.2.1.29-1~lenny+1_mipsel.deb f6089ae4f3b2f3bdfea7103f8b167a39 965146 debug extra tor-dbg_0.2.1.29-1~lenny+1_mipsel.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk00fNsACgkQXm3vHE4uylo/4ACgqP4ub2kCJFICtq2SikLSVgvi ABkAnj2b7AiTFmZub4szdCnF6BMLYdhG =mOg7 -----END PGP SIGNATURE-----