On 17 Jan 2011 16:09:20 GMT, Gordon Darling wrote:
> "Tor 0.2.1.29 continues our recent code security audit work. The main
> fix resolves a remote heap overflow vulnerability that can allow remote
> code execution. Other fixes address a variety of assert and crash bugs,
> most of which we think are hard to exploit remotely.
> All Tor users should upgrade.
> o Minor features:
> - Update to the January 1 2011 Maxmind GeoLite Country database.
Thanks Tor guys but sure wish you could find a better way to handle
these monthly updates...
> - Introduce output size checks on all of our decryption functions.
> o Build changes:
> - Tor does not build packages correctly with Automake 1.6 and earlier;
> added a check to Makefile.am to make sure that we're building with
> Automake 1.7 or later.
These are dark times, there is no denying. Our Tech world has perhaps
faced no greater threat than it does today. But I say this to my
citizenry: I, ever your servant, will continue to defend your liberty
and repel the forces that seek to take it from you! I remain, strong.