[Tor-BSD] OpenBSD testers neededFw: fix security issue in -stable for net/tor

George Rosamond george at ceetonetechnology.com
Wed Dec 13 18:39:00 EST 2017

> On 14 Dec 2017, at 08:22, Daniel Jakots <vigdis+tor at chown.me> wrote:
>>> We usually don't remove relays from the network unless they are
>>> actively causing severe issues for clients. The last time we did this
>>> for a particular tor version was back in 0.2.9 due to a bad directory
>>> cache bug.
>>> As far as I know, there are no plans to remove older relays from the
>>> network.
>>> Instead, we will mark them as "not recommended" in Relay Search,
>>> and the relays themselves will warn about their old version in their
>>> logs.
>> So what does the "not recommended" mark? Just a hint that you should
>> update?
> Yes, just a hint to update.
> We also declare major version series unsupported.
> (Like 0.2.7 earlier this year, or 0.2.8 and 0.3.0 in January.)
> Then they stop receiving security patches.

AFAIK, it was just a "Tor out of date" type message out of syslog.

I manually updated the port to for two nodes on OpenBSD -stable,
and was going to do a diff.

But as these are both small embedded boxes and I have dedicated
${TORDATADIR} partitions on each, Tor jumped in disk usage and bombed
out both bridges.

On that note, what is the maximum Tor data dir everyone is seeing,
regardless of OS?  I have up to 222M on one relay that's on

Thanks for jumping on it DJ.  Backporting *really* matters for the Tor


More information about the Tor-BSD mailing list