Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1494860
| Summary: | tor-0.2.9.10-1.el7.x86_64 is unsecure and out of date | |||
|---|---|---|---|---|
| Product: | [Fedora] Fedora EPEL | Reporter: | Ludovic Hirlimann [:Paul-muadib] <ludovic> | |
| Component: | tor | Assignee: | Nobody's working on this, feel free to take it <nobody> | |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | epel7 | CC: | lewk, mh+fedora, mh, pwouters, s | |
| Target Milestone: | --- | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | tor-0.3.1.7-1.fc27 tor-0.2.9.12-1.fc25 tor-0.3.1.7-1.fc26 tor-0.2.9.12-1.el6 tor-0.2.9.12-1.el7 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1527018 (view as bug list) | Environment: | ||
| Last Closed: | 2017-10-10 19:28:57 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
|
Description
Ludovic Hirlimann [:Paul-muadib]
2017-09-23 18:06:54 UTC
tor-0.2.9.12-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-abe6f98ebf tor-0.2.9.12-1.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e4d447e97c tor-0.2.9.12-1.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-03b487b716 tor-0.2.9.12-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf3746f1f6 tor-0.2.9.12-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-238961d86d tor-0.2.9.12-1.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e4d447e97c tor-0.2.9.12-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-abe6f98ebf tor-0.2.9.12-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf3746f1f6 tor-0.2.9.12-1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-238961d86d tor-0.2.9.12-1.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-03b487b716 I've left a comment on bodhi. I still see that version as not good from the TOR network. I do not see a warning on your atlas site, where is it visible? The release 0.2.9.12 is the latest Tor LTS release (https://lists.torproject.org/pipermail/tor-announce/2017-September/000139.html), this is according to Tor's Wiki Page and verified with Tor staff: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases Also it fixes all outstanding CVEs, so I would be suprised if Tor would flag their latest LTS release as being not good. I'm ready to bring newer (non-LTS) versions to Fedora, however first I'd like to sort out #1495063 before moving on. Pushing the latest LTS release to all the repositories was the most non-intrusive action to do, while still fixing all security issues. (In reply to Marcel Haerry from comment #12) > I do not see a warning on your atlas site, where is it visible? > It's not showing anymore, it was under property and had a big red button. (maybe some cache issue on atlas. Thanks. i'll update bodhi. tor-0.3.1.7-1.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-b2c714515b tor-0.3.1.7-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-1179268a20 tor-0.3.1.7-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-1179268a20 tor-0.3.1.7-1.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-b2c714515b No 0.3 builds for CentOS I still need to verify whether we can bring the 0.3 builds into EPEL according to EPEL's update policy. AND 0.2.9.12 is the latest release of Tor's LTS branch. So it has all the fixes and is supported for quite a while. Are there any features you are missing with 0.2.9.12 (except for not being latest) that you like to have in EPEL? (In reply to Marcel Haerry from comment #19) > Are there any features you are missing with 0.2.9.12 (except for not being > latest) that you like to have in EPEL? Not that I can think of. tor-0.3.1.7-1.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report. tor-0.2.9.12-1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report. tor-0.3.1.7-1.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report. tor-0.2.9.12-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. tor-0.2.9.12-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. |