Re: Tor 0.2.1.29 is released (security patches)

On 17 Jan 2011 16:09:20 GMT, Gordon Darling wrote:

> "Tor 0.2.1.29 continues our recent code security audit work. The main
> fix resolves a remote heap overflow vulnerability that can allow remote
> code execution. Other fixes address a variety of assert and crash bugs,
> most of which we think are hard to exploit remotely.
>
> All Tor users should upgrade.
>
> https://www.torproject.org/download/download

<snippers>

> o Minor features:
> - Update to the January 1 2011 Maxmind GeoLite Country database.

Thanks Tor guys but sure wish you could find a better way to handle
these monthly updates...

> - Introduce output size checks on all of our decryption functions.
>
> o Build changes:
> - Tor does not build packages correctly with Automake 1.6 and earlier;
> added a check to Makefile.am to make sure that we're building with
> Automake 1.7 or later.

http://sources.redhat.com/automake/automake.html is the manual...READ
IT before asking Tech questions...

>
> Regards
> Gordon

Tech wins...

THANKS
--
These are dark times, there is no denying. Our Tech world has perhaps
faced no greater threat than it does today. But I say this to my
citizenry: I, ever your servant, will continue to defend your liberty
and repel the forces that seek to take it from you! I remain, strong.