-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Jan 2011 22:44:47 +0100 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: powerpc Version: 0.2.1.29-1~lenny+1 Distribution: stable-security Urgency: high Maintainer: powerpc Build Daemon (poulenc) Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Changes: tor (0.2.1.29-1~lenny+1) stable-security; urgency=high . * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. Checksums-Sha1: 4e1bfff1f5de08a35c0f4c739b5b562e35da3aa4 1191542 tor_0.2.1.29-1~lenny+1_powerpc.deb 04a41a7fe6bb27629902ac9ec26b17fed4a6a7c3 953510 tor-dbg_0.2.1.29-1~lenny+1_powerpc.deb Checksums-Sha256: 085ddca6bcb77d26584a112d8fcf273e375d007a133c315a03614acc165b58ae 1191542 tor_0.2.1.29-1~lenny+1_powerpc.deb 5313a7128a0264e5e2b1481c200726c2b0b99e751b59c231d83671737d1e6ed3 953510 tor-dbg_0.2.1.29-1~lenny+1_powerpc.deb Files: 447d50953160ac4928d6cd1aa41645c9 1191542 net optional tor_0.2.1.29-1~lenny+1_powerpc.deb c309fd654e7d2f6bda7851fc648fd9f4 953510 debug extra tor-dbg_0.2.1.29-1~lenny+1_powerpc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk00fNcACgkQXm3vHE4uylqu3gCgwow0B9w6tj8yey8o87kWAtY2 ySQAoIbHNWysPvPGt3iX4b2fdYBmAvAx =s5Gz -----END PGP SIGNATURE-----