Project not found: openSUSE:ALP:Experimental:Slowroll:Base
Overview

File _patchinfo of Package patchinfo.18174

<patchinfo incident="18174">
  <issue tracker="bnc" id="1216873">VUL-0: tor: crash during handshake with a remote relay (TROVE-2023-004 )</issue>
  <packager>AndreasStieger</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for tor</summary>
  <description>This update for tor fixes the following issues:

- tor 0.4.8.8:

  * Mitigate an issue when Tor compiled with OpenSSL can crash during
    handshake with a remote relay. (TROVE-2023-004, boo#1216873)
  * Regenerate fallback directories generated on November 03, 2023.
  * Update the geoip files to match the IPFire Location Database, as
    retrieved on 2023/11/03
  * directory authority: Look at the network parameter
    "maxunmeasuredbw" with the correct spelling
  * vanguards addon support: Count the conflux linked cell as
    valid when it is successfully processed. This will quiet a 
    spurious warn in the vanguards addon

- tor 0.4.8.7:

  * Fix an issue that prevented us from pre-building more conflux
    sets after existing sets had been used

- tor 0.4.8.6:

  * onion service: Fix a reliability issue where services were
    expiring their introduction points every consensus update.
    This caused connectivity issues for clients caching the old
    descriptor and intro points
  * Log the input and output buffer sizes when we detect a potential
    compression bomb
  * Disable multiple BUG warnings of a missing relay identity key when
    starting an instance of Tor compiled without relay support
  * When reporting a pseudo-networkstatus as a bridge authority, or
    answering "ns/purpose/*" controller requests, include accurate
    published-on dates from our list of router descriptors
  * Use less frightening language and lower the log-level of our
    run-time ABI compatibility check message in our Zstd
    compression subsystem

- tor 0.4.8.5:

  * bugfixes creating log BUG stacktrace

- tor 0.4.8.4:

  * Extend DoS protection to partially opened channels and known
    relays
  * Dynamic Proof-Of-Work protocol to thwart flooding DoS attacks
    against hidden services. Disabled by default, enable via
    "HiddenServicePoW" in torrc
  * Implement conflux traffic splitting
  * Directory authorities and relays now interact properly with
    directory authorities if they change addresses

- tor 0.4.7.14:

  *  bugfix affecting vanguards (onion service), and minor fixes
  
- Enable support for scrypt()
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places