[Tor-BSD] tor 0.3.2.x reaching end-of-life on 2018-10-09

George Rosamond george at ceetonetechnology.com
Sat Oct 6 15:29:05 EDT 2018

George Rosamond:

Replying back to myself after talking with Teor offline..

> Tim Kuijsten:
>> What would be the best approach for those who are running Tor on OpenBSD
>> stable (currently that is OBSD 6.3 with Tor (via ports)).
> Yes, as 0.3.2.x is EOL'd tomorrow IIRC
>> I assume the Tor port on 6.3 only gets updates for 0.3.2.x, not
>> 0.3.3.x.  So there will be a window where the port is not supported
>> anymore by the Tor project and 6.4 with the new 0.3.4.x is still not out
>> (only at November 1st).
> Right

Unsupported tor branches (0.3.2.x in this case) dont receive security

>> I currently checkout out ports via cvs at the point where was
>> committed and build on a 6.3 stable host. Manually distributed that
>> binary to an 6.3 server and it looks like it runs, but it's not optimal.
>> Are there any consensus weight penalties for running 0.3.2.x after it's
>> eol?
> Yes, I believe there is.

That was incorrect. There is no cw penalty, but IMHO, there should be.

> The is a few things to note:
> * -stable packages are provided when updated. Although myself and Vigdis
> have discussed doing something about this in the past...
> * When a port version is deprecated, update the port yourself. Updating
> to 0.3.4.x is simple enough... and I've been running for a while on a
> bunch of servers. I think it just needed the version changed... check
> openbsd doc to build.
> * I did sent Pascal@ a diff for, which was pretty simple, but I
> don't think the ports been updated.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nycbug.org/pipermail/tor-bsd/attachments/20181006/f2529d79/attachment.bin>

More information about the Tor-BSD mailing list