23 Sep
2012
23 Sep
'12
7:37 p.m.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
In the spectrum of critical, I wouldn't put this one towards the top. There's no code execution or privacy or anonymity issues. So yes, upgrading is definitely a fine idea, but it's not a "cancel your dinner plans to do it" sort of situation.
I probably misinterpreted erinn's posts [1][2].
Are tor versions 0.2.3.x and 0.2.4.x affected too?
Yes. I haven't put an 0.2.4.3-alpha out yet (it's an alpha after all). I should probably do that soon.
Thanks for releasing 0.2.4.3-alpha.
[1] https://trac.torproject.org/projects/tor/ticket/6803#comment:9 [2] https://blog.torproject.org/blog/new-bundles-security-release
-----BEGIN PGP SIGNATURE-----
iF4EAREKAAYFAlBfZQgACgkQyM26BSNOM7ZW8AEAigv1cCQDzx3mLpersWRB5Fs7
uJcGbq4/FUp7kD+I2W0A/RTKmjJucP+pphpzZvQ/oD7wASYzd98hEXXy6MqO5CLs
=pblY
-----END PGP SIGNATURE-----