-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Jan 2011 22:44:47 +0100 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: mips Version: 0.2.1.29-1~lenny+1 Distribution: stable-security Urgency: high Maintainer: Debian Build Daemon Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Changes: tor (0.2.1.29-1~lenny+1) stable-security; urgency=high . * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. Checksums-Sha1: eadb2b4f58d31767202514a7381531fe94a29a19 1182914 tor_0.2.1.29-1~lenny+1_mips.deb 7fd528decff6061b85cc07e690e7ad2e77aacab6 981804 tor-dbg_0.2.1.29-1~lenny+1_mips.deb Checksums-Sha256: 2c9c72572bbaeb985f0662b39e3032ac31b60b903aa4c7de9b3620572881ff71 1182914 tor_0.2.1.29-1~lenny+1_mips.deb 1c15fb2895953d1e59a2ba3edac3987b33dcce94130ce3216508e4eecc143a18 981804 tor-dbg_0.2.1.29-1~lenny+1_mips.deb Files: a6defd4b8064b458d9b4fda4d06ce048 1182914 net optional tor_0.2.1.29-1~lenny+1_mips.deb 6b61e762875a73befce38476add0a4ca 981804 debug extra tor-dbg_0.2.1.29-1~lenny+1_mips.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk00fOIACgkQXm3vHE4uyloYTACeME4e1vSM9Xnuj6F6DDm2XQs8 3tcAn1VetW/RSqnNomQ1YWkbZCkptq2B =3B4+ -----END PGP SIGNATURE-----