Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 11 Dec 2014 13:57:32 +0000 (UTC)
From:      Brendan Fabeny <bf@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r374532 - in head/security: tor tor-devel tor-devel/files tor/files
Message-ID:  <201412111357.sBBDvWSU058212@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: bf
Date: Thu Dec 11 13:57:31 2014
New Revision: 374532
URL: https://svnweb.freebsd.org/changeset/ports/374532
QAT: https://qat.redports.org/buildarchive/r374532/

Log:
  Warn about a vulnerability in the default configuration
  
  PR:		195828

Modified:
  head/security/tor-devel/Makefile
  head/security/tor-devel/files/pkg-message.in
  head/security/tor/Makefile
  head/security/tor/files/pkg-message.in

Modified: head/security/tor-devel/Makefile
==============================================================================
--- head/security/tor-devel/Makefile	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor-devel/Makefile	Thu Dec 11 13:57:31 2014	(r374532)
@@ -3,6 +3,7 @@
 
 PORTNAME=	tor
 DISTVERSION=	0.2.6.1-alpha
+PORTREVISION=	1
 CATEGORIES=	security net ipv6
 MASTER_SITES=	TOR
 PKGNAMESUFFIX=	-devel

Modified: head/security/tor-devel/files/pkg-message.in
==============================================================================
--- head/security/tor-devel/files/pkg-message.in	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor-devel/files/pkg-message.in	Thu Dec 11 13:57:31 2014	(r374532)
@@ -12,5 +12,8 @@ touch /var/log/tor
 chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
 chmod -R 700 /var/db/tor
 
-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
 ================================================================================

Modified: head/security/tor/Makefile
==============================================================================
--- head/security/tor/Makefile	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor/Makefile	Thu Dec 11 13:57:31 2014	(r374532)
@@ -3,6 +3,7 @@
 
 PORTNAME=	tor
 DISTVERSION=	0.2.5.10
+PORTREVISION=	1
 CATEGORIES=	security net ipv6
 MASTER_SITES=	TOR
 

Modified: head/security/tor/files/pkg-message.in
==============================================================================
--- head/security/tor/files/pkg-message.in	Thu Dec 11 13:55:46 2014	(r374531)
+++ head/security/tor/files/pkg-message.in	Thu Dec 11 13:57:31 2014	(r374532)
@@ -12,5 +12,8 @@ touch /var/log/tor
 chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
 chmod -R 700 /var/db/tor
 
-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
 ================================================================================



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201412111357.sBBDvWSU058212>