WARNING: the "tor" package was deleted from this repository
anonymizing overlay network for TCP
Save this URL for the latest version of "tor":
Other versions of "tor" in Xenial
Packages in group
Deleted packages are displayed in grey.
tor (0.2.9.14-1ubuntu1~16.04.1) xenial; urgency=medium
[ Peter Palfrader ]
* apparmor: use Pix instead of PUx for obfs4proxy, giving us
better confinement of the child process while actually working
with systemd's NoNewPrivileges. (closes: #867342)
* Do not rely on aa-exec and aa-enabled being in /usr/sbin in the
SysV init script. This change enables apparmor confinement
on some system-V systems again. (closes: #869153)
* Update apparmor profile: replace CAP_DAC_OVERRIDE with
CAP_DAC_READ_SEARCH to match the systemd capability bounding set
changed with 0.3.0.4-rc-1. This change will allow tor to start
again under apparmor if hidden services are configured.
Patch by intrigeri. (closes: #862993)
* Replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH in systemd's service
capability bounding set. Read access is sufficient for Tor (as root on
startup) to check its onion service directories (see #847598).
* Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor,
causing all errors while switching to the new apparmor profile to
be ignored. This is not ideal, but for now it's probably the
best solution. Thanks to intrigeri; closes: #880490.
[ Simon Deziel ]
* Backport 0.2.9.14 to 16.04 (LP: #1731698)
* debian/rules: stop overriding micro-revision.i
* debian/control: drop build-conflicts
* debian/control: Limit the seccomp build-dependency to [amd64 i386 x32 armel armhf]
* Resync with Debian Stretch
||[SRU] Tor 0.2.9.14 and 0.3.0.13
||tor: /usr/bin/obfs4proxy fails to load under default combination of apparmor execution permission PUx and systemd NoNewPrivileges=Yes hardening - Deb
||tor: CVE-2017-11565: aa-exec is not longer in /usr/sbin and now apparmor is silently scraped - Debian Bug report logs
||tor: Does not start with AppArmor enabled and hidden service directory owned by non-root - Debian Bug report logs
||tor: Does not start when the AppArmor LSM is enabled but the apparmor package is not installed - Debian Bug report logs
No changelog available yet.
Send Feedback to @ubuntu_updates