Date: Sat, 28 Mar 2026 17:25:58 +0000 From: Yuri Victorovich <yuri@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Cc: Fabian Keil <fk@fabiankeil.de> Subject: git: b1c015b7cc8c - main - security/tor: update 0.4.=?utf-8?Q?9.5 =E2=86=92?= 0.4.9.6 Message-ID: <69c80f26.39c13.14f19f00@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by yuri: URL: https://cgit.FreeBSD.org/ports/commit/?id=b1c015b7cc8c4d436d82cecda7c0f322091d659b commit b1c015b7cc8c4d436d82cecda7c0f322091d659b Author: Fabian Keil <fk@fabiankeil.de> AuthorDate: 2026-03-28 17:23:54 +0000 Commit: Yuri Victorovich <yuri@FreeBSD.org> CommitDate: 2026-03-28 17:25:55 +0000 security/tor: update 0.4.9.5 → 0.4.9.6 Quoting the announcement at: <https://lists.torproject.org/mailman3/hyperkitty/list/tor-announce@lists.torproject.org/message/MDZTQ6KHN7YPUPE2GQYYQQFNP3KCMK3M/>; Changes in version 0.4.9.6 - 2026-03-25 This is a security release fixing major bugfixes that could possibly lead to remote crashing relays. We strongly recommend upgrading as soon as possible. o Major bugfix (security): - Fix a stack overflow of 11 bytes on malicious CREATED2. This lead to a remote crash. TROVE-2026-003. Reported-by: Anas Cherni of Calif.io. Fixes bug 41231; bugfix on 0.4.9.1-alpha. o Major bugfix (security, conflux): - Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem. TROVE-2026-004. Fixes bug 41232; bugfix on 0.4.8.1-alpha. o Minor bugfixes (security): - Fix a series of defense in depth security issues found across the codebase. Fixes bug 41228; bugfix on 0.3.5.1-alpha. o Minor bugfixes (portability): - (Hopefully) fix our polyval implementation on big-endian platforms. Fixes bug 41215; bugfix on 0.4.9.3-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on March 25, 2026. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2026/03/25. PR: 294064 --- security/tor/Makefile | 2 +- security/tor/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/tor/Makefile b/security/tor/Makefile index 3251198af349..e31d86e0f576 100644 --- a/security/tor/Makefile +++ b/security/tor/Makefile @@ -1,5 +1,5 @@ PORTNAME= tor -DISTVERSION= 0.4.9.5 +DISTVERSION= 0.4.9.6 CATEGORIES= security net MASTER_SITES= TOR diff --git a/security/tor/distinfo b/security/tor/distinfo index 7a344b5a0b54..050e2f5abd3a 100644 --- a/security/tor/distinfo +++ b/security/tor/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1772172274 -SHA256 (tor-0.4.9.5.tar.gz) = c949c2f86b348e64891976f6b1e49c177655b23df97193049bf1b8cd3099e179 -SIZE (tor-0.4.9.5.tar.gz) = 10810648 +TIMESTAMP = 1774516352 +SHA256 (tor-0.4.9.6.tar.gz) = a89aba97052e9963a654b40df2d46be07e8a6b6e24e5437917fd81acd90a7017 +SIZE (tor-0.4.9.6.tar.gz) = 10759319home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69c80f26.39c13.14f19f00>