From 7e0537c75ca641842075f6b107959ade6985f685 Mon Sep 17 00:00:00 2001 From: sthen Date: Fri, 16 Dec 2011 20:08:50 +0000 Subject: [PATCH] SECURITY update to tor 0.2.2.35 "Tor 0.2.2.35 fixes a critical heap-overflow security issue in Tor's buffers code. Absolutely everybody should upgrade." More info https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes OK pascal@ (maintainer) --- net/tor/Makefile | 7 ++++--- net/tor/distinfo | 10 +++++----- net/tor/patches/patch-configure | 18 +++++++++--------- 3 files changed, 18 insertions(+), 17 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index 0cd45d176cd..07e6153b3dc 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -1,8 +1,8 @@ -# $OpenBSD: Makefile,v 1.54 2011/10/28 18:13:22 jcs Exp $ +# $OpenBSD: Makefile,v 1.55 2011/12/16 20:08:50 sthen Exp $ COMMENT= anonymity service using onion routing -DISTNAME= tor-0.2.2.34 +DISTNAME= tor-0.2.2.35 CATEGORIES= net HOMEPAGE= http://www.torproject.org/ @@ -13,7 +13,8 @@ PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP= Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -WANTLIB= c crypto event m pthread ssl z + +WANTLIB += c crypto event m pthread ssl z MASTER_SITES= ${HOMEPAGE}dist/ diff --git a/net/tor/distinfo b/net/tor/distinfo index 8069cc64cf1..036d31a1b8d 100644 --- a/net/tor/distinfo +++ b/net/tor/distinfo @@ -1,5 +1,5 @@ -MD5 (tor-0.2.2.34.tar.gz) = Dxu7jghuoqukH/f4mPzzvQ== -RMD160 (tor-0.2.2.34.tar.gz) = PL9vAKuIAQ7S+RZSbErO+ahRTDc= -SHA1 (tor-0.2.2.34.tar.gz) = gdd30H0BUT2kg7zSfckrw2ES53E= -SHA256 (tor-0.2.2.34.tar.gz) = oCelNbNeX5ynCR5Mg6BrS+SPD5XWkGvdRnzMBlnn55g= -SIZE (tor-0.2.2.34.tar.gz) = 2752710 +MD5 (tor-0.2.2.35.tar.gz) = 3Oz2mcS5KTGdXxzgNY1INQ== +RMD160 (tor-0.2.2.35.tar.gz) = mYbwiS1BDenz1Jal223ikogpXpI= +SHA1 (tor-0.2.2.35.tar.gz) = mECOCMDGFsTHZp0BimbFX8ZgytM= +SHA256 (tor-0.2.2.35.tar.gz) = 8UGkH//TFJSg+W67trmZ6rM85i1cMfgSIqCs0DStvzo= +SIZE (tor-0.2.2.35.tar.gz) = 2787536 diff --git a/net/tor/patches/patch-configure b/net/tor/patches/patch-configure index 8942ecc3170..2e1dfe5bb0a 100644 --- a/net/tor/patches/patch-configure +++ b/net/tor/patches/patch-configure @@ -1,7 +1,7 @@ -$OpenBSD: patch-configure,v 1.14 2011/09/17 10:39:26 sthen Exp $ ---- configure.orig Sat Sep 17 00:55:21 2011 -+++ configure Sat Sep 17 00:56:22 2011 -@@ -5511,8 +5511,8 @@ for ac_lib in '' pthread; do +$OpenBSD: patch-configure,v 1.15 2011/12/16 20:08:50 sthen Exp $ +--- configure.orig Thu Dec 15 17:01:54 2011 ++++ configure Fri Dec 16 19:49:38 2011 +@@ -5532,8 +5532,8 @@ for ac_lib in '' nsl; do if test -z "$ac_lib"; then ac_res="none required" else @@ -10,9 +10,9 @@ $OpenBSD: patch-configure,v 1.14 2011/09/17 10:39:26 sthen Exp $ + ac_res=-$ac_lib + LIBS="-$ac_lib $ac_func_search_save_LIBS" fi - rm -f conftest.$ac_objext conftest$ac_exeext - if { (ac_try="$ac_link" -@@ -5594,8 +5594,8 @@ for ac_lib in '' pthread; do + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_gethostbyname=$ac_res +@@ -5588,8 +5588,8 @@ for ac_lib in '' dl; do if test -z "$ac_lib"; then ac_res="none required" else @@ -21,5 +21,5 @@ $OpenBSD: patch-configure,v 1.14 2011/09/17 10:39:26 sthen Exp $ + ac_res=-$ac_lib + LIBS="-$ac_lib $ac_func_search_save_LIBS" fi - rm -f conftest.$ac_objext conftest$ac_exeext - if { (ac_try="$ac_link" + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_dlopen=$ac_res