-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 16 Jan 2011 22:44:47 +0100 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: s390 Version: 0.2.1.29-1~lenny+1 Distribution: stable-security Urgency: high Maintainer: s390 Build Daemon Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - geoIP database for Tor Changes: tor (0.2.1.29-1~lenny+1) stable-security; urgency=high . * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. Checksums-Sha1: 6f5e21c95f5f50cb357dc7808256c880531220b4 1203066 tor_0.2.1.29-1~lenny+1_s390.deb 1afbc633cdbad27c641e5a30beb6f7ca95059184 966050 tor-dbg_0.2.1.29-1~lenny+1_s390.deb Checksums-Sha256: 98a25ff27468b3a6c7bfa996ecf71519d7038f3d2680465d728954a12427e7b7 1203066 tor_0.2.1.29-1~lenny+1_s390.deb 5f82d1efeb32dc9f16c94fbfbe6c9fce439147022d0f469d449495ba73b5ded1 966050 tor-dbg_0.2.1.29-1~lenny+1_s390.deb Files: 9e9b2e64222c8b1744b8fc248f93da5b 1203066 net optional tor_0.2.1.29-1~lenny+1_s390.deb 80680a6fbcc08fcfaf854a30fa2eea33 966050 debug extra tor-dbg_0.2.1.29-1~lenny+1_s390.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk00Hx8ACgkQLkAIIn9ODhHzBwCg62ITZnpuvKqfWx7jvmHUG+5X UpMAoJvJOVoc/38v8ViW/WNGGVLMnsEL =c6RD -----END PGP SIGNATURE-----