[Tor-BSD] OpenBSD testers neededFw: fix security issue in -stable for net/tor

Daniel Jakots vigdis+tor at chown.me
Thu Dec 14 15:39:39 EST 2017

On Wed, 13 Dec 2017 23:39:00 +0000, George Rosamond
<george at ceetonetechnology.com> wrote:

> teor:
> > 
> > On 14 Dec 2017, at 08:22, Daniel Jakots <vigdis+tor at chown.me> wrote:
> >> So what does the "not recommended" mark? Just a hint that you
> >> should update?  
> > 
> > Yes, just a hint to update.
> > 
> > We also declare major version series unsupported.
> > (Like 0.2.7 earlier this year, or 0.2.8 and 0.3.0 in January.)
> > Then they stop receiving security patches.  

Thanks, I sent a head-up to ports at openbsd about it.

> AFAIK, it was just a "Tor out of date" type message out of syslog.
> I manually updated the port to for two nodes on OpenBSD
> -stable, and was going to do a diff.

This kind of update can't be done on -stable as we try to minimize as
much as possible the diffs that get in.

> Thanks for jumping on it DJ.  Backporting *really* matters for the Tor
> stuff.

I'm happy to do it ;)


More information about the Tor-BSD mailing list