File _patchinfo of Package patchinfo

<patchinfo>
  <issue id="889688" tracker="bnc">CVE-2014-5117: Tor 0.2.4.23 fixes RELAY_EARLY issue</issue>
  <issue id="CVE-2014-5117" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>- Tor 0.2.4.23 [bnc#889688] [CVE-2014-5117]
  Slows down the risk from guard rotation and backports several
  important fixes from the Tor 0.2.5 alpha release series.
- Major features:
  - Clients now look at the "usecreatefast" consensus parameter to
    decide whether to use CREATE_FAST or CREATE cells for the first hop
    of their circuit. This approach can improve security on connections
    where Tor's circuit handshake is stronger than the available TLS
    connection security levels, but the tradeoff is more computational
    load on guard relays.
  - Make the number of entry guards configurable via a new
    NumEntryGuards consensus parameter, and the number of directory
    guards configurable via a new NumDirectoryGuards consensus
    parameter.
- Major bugfixes:
  - Fix a bug in the bounds-checking in the 32-bit curve25519-donna
    implementation that caused incorrect results on 32-bit
    implementations when certain malformed inputs were used along with
    a small class of private ntor keys.
- Minor bugfixes:
  - Warn and drop the circuit if we receive an inbound 'relay early'
    cell.
  - Correct a confusing error message when trying to extend a circuit
    via the control protocol but we don't know a descriptor or
    microdescriptor for one of the specified relays.
  - Avoid an illegal read from stack when initializing the TLS module
    using a version of OpenSSL without all of the ciphers used by the
    v2 link handshake.
</description>
  <summary>update for tor</summary>
</patchinfo>