Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id C66547A1B1
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Sun,  5 Mar 2017 14:55:17 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 605)
	id 3F052855D4; Sun,  5 Mar 2017 14:55:17 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id C3281855D2
	for <pkgsrc-changes@NetBSD.org>; Sun,  5 Mar 2017 14:55:16 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id q04w1Ltd-KQu for <pkgsrc-changes@netbsd.org>;
	Sun,  5 Mar 2017 14:55:16 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 2AABB855A7
	for <pkgsrc-changes@NetBSD.org>; Sun,  5 Mar 2017 14:55:16 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id 21585FBE4; Sun,  5 Mar 2017 14:55:16 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1488725716298090"
MIME-Version: 1.0
Date: Sun, 5 Mar 2017 14:55:16 +0000
From: "Thomas Klausner" <wiz@netbsd.org>
Subject: CVS commit: pkgsrc/net/tor
To: pkgsrc-changes@NetBSD.org
Reply-To: wiz@netbsd.org
X-Mailer: log_accum
Message-Id: <20170305145516.21585FBE4@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes.NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_1488725716298090
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	wiz
Date:		Sun Mar  5 14:55:16 UTC 2017

Modified Files:
	pkgsrc/net/tor: Makefile distinfo

Log Message:
Updated tor to 0.2.9.10.

Changes in version 0.2.9.10 - 2017-03-01
  Tor 0.2.9.10 backports a security fix for users who build Tor with
  the --enable-expensive-hardening option. It also includes fixes for
  some major issues affecting directory authorities, LibreSSL
  compatibility, and IPv6 correctness.

  The Tor 0.2.9.x release series is now marked as a long-term-support
  series.  We intend to backport security fixes to 0.2.9.x until at
  least January of 2020.

  o Major bugfixes (directory authority, 0.3.0.3-alpha):
    - During voting, when marking a relay as a probable sybil, do not
      clear its BadExit flag: sybils can still be bad in other ways
      too. (We still clear the other flags.) Fixes bug 21108; bugfix
      on 0.2.0.13-alpha.

  o Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha):
    - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
      any IPv6 addresses. Instead, only reject a port over IPv6 if the
      exit policy rejects that port on more than an IPv6 /16 of
      addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
      which rejected a relay's own IPv6 address by default. Fixes bug
      21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.

  o Major bugfixes (parsing, also in 0.3.0.4-rc):
    - Fix an integer underflow bug when comparing malformed Tor
      versions. This bug could crash Tor when built with
      --enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
      0.2.9.8, which were built with -ftrapv by default. In other cases
      it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
      on 0.0.8pre1. Found by OSS-Fuzz.

  o Minor features (directory authorities, also in 0.3.0.4-rc):
    - Directory authorities now reject descriptors that claim to be
      malformed versions of Tor. Helps prevent exploitation of
      bug 21278.
    - Reject version numbers with components that exceed INT32_MAX.
      Otherwise 32-bit and 64-bit platforms would behave inconsistently.
      Fixes bug 21450; bugfix on 0.0.8pre1.

  o Minor features (geoip):
    - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
      Country database.

  o Minor features (portability, compilation, backport from 0.3.0.3-alpha):
    - Autoconf now checks to determine if OpenSSL structures are opaque,
      instead of explicitly checking for OpenSSL version numbers. Part
      of ticket 21359.
    - Support building with recent LibreSSL code that uses opaque
      structures. Closes ticket 21359.

  o Minor bugfixes (code correctness, also in 0.3.0.4-rc):
    - Repair a couple of (unreachable or harmless) cases of the risky
      comparison-by-subtraction pattern that caused bug 21278.

  o Minor bugfixes (tor-resolve, backport from 0.3.0.3-alpha):
    - The tor-resolve command line tool now rejects hostnames over 255
      characters in length. Previously, it would silently truncate them,
      which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
      Patch by "junglefowl".


To generate a diff of this commit:
cvs rdiff -u -r1.117 -r1.118 pkgsrc/net/tor/Makefile
cvs rdiff -u -r1.78 -r1.79 pkgsrc/net/tor/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1488725716298090
Content-Disposition: inline
Content-Length: 1524
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/net/tor/Makefile
diff -u pkgsrc/net/tor/Makefile:1.117 pkgsrc/net/tor/Makefile:1.118
--- pkgsrc/net/tor/Makefile:1.117	Tue Jan 24 08:59:07 2017
+++ pkgsrc/net/tor/Makefile	Sun Mar  5 14:55:15 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.117 2017/01/24 08:59:07 wiz Exp $
+# $NetBSD: Makefile,v 1.118 2017/03/05 14:55:15 wiz Exp $
 
-DISTNAME=		tor-0.2.9.9
+DISTNAME=		tor-0.2.9.10
 CATEGORIES=		net security
 MASTER_SITES=		http://www.torproject.org/dist/
 

Index: pkgsrc/net/tor/distinfo
diff -u pkgsrc/net/tor/distinfo:1.78 pkgsrc/net/tor/distinfo:1.79
--- pkgsrc/net/tor/distinfo:1.78	Tue Jan 24 08:59:07 2017
+++ pkgsrc/net/tor/distinfo	Sun Mar  5 14:55:15 2017
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.78 2017/01/24 08:59:07 wiz Exp $
+$NetBSD: distinfo,v 1.79 2017/03/05 14:55:15 wiz Exp $
 
-SHA1 (tor-0.2.9.9.tar.gz) = 031bc77666a761ae7bc88cdade8187a3e3758d69
-RMD160 (tor-0.2.9.9.tar.gz) = 2a94b5abb565dc5e508fb6e70a05ea60e53202f3
-SHA512 (tor-0.2.9.9.tar.gz) = cbe7e1f3e503b945f150916b7147cf23d1c32c3660e15aecfe5e2f2baac3a241de665e6ce4e81b81229933eba7f02d4a86e8deeabf2378d40fa83a7036928c9b
-Size (tor-0.2.9.9.tar.gz) = 5534005 bytes
+SHA1 (tor-0.2.9.10.tar.gz) = c3dbf92bab07d0043e3d1959385c0eb110bd2443
+RMD160 (tor-0.2.9.10.tar.gz) = 90b4d7f4cee19f06a7fb63f4f249df52d004e4b8
+SHA512 (tor-0.2.9.10.tar.gz) = c18c4faf18406f04165136f0d70e6bc2896f3f02770beadaab5e7a99441d71b897ae3a14a046eaec99a1bd6d8ad7758b28f7d652588842b77621cdc95d4fb7e1
+Size (tor-0.2.9.10.tar.gz) = 5557586 bytes


--_----------=_1488725716298090--