Thank you for the anwer, but i am unable to find precompiled packages for 1.1.1 for debian.
I am currently using buster and i could downgrade to 1.1.0j from stretch security.
Can someone help me?
Am 03.12.2018 um 02:09 schrieb Nick Mathewson:
On Sat, Dec 1, 2018 at 8:40 PM Paul paul@roteserver.de wrote:
I have run into this issue just now and iam curious if i can "just" downgrade back or if there is any other way to workaround?
I think that it's okay to downgrade to 1.1.1 for Tor's purposes: the two security vulnerabilities fixed in 1.1.1a are about DSA and ECDSA, which Tor doesn't use. Also, you could use 1.1.0j if you prefer something patched.
How does this affect my relay? Will it still be useable?
It will be usable by anybody connecting to it with TLS up to 1.2, and by clients using TLS 1.3. Connections between your relay and other relays will fail if you are both upgraded to TLS 1.3. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays