Thanks for posting the blog in here
Relays and bridges: Tor relays and bridges could maybe be made toleak their medium-term onion keys (rotated once a week), or their long-term relay identity keys. An attacker who has your relay identity key can publish a new relay descriptor indicating that you're at a new location (not a particularly useful attack). An attacker who has your relay identity key, has your onion key, and can intercept traffic flows to your IP address can impersonate your relay (but remember that Tor's multi-hop design means that attacking just one relay in the client's path is not very useful). In any case, best practice would be to update your OpenSSL package, discard all the files in keys/ in your DataDirectory, and restart your Tor to generate new keys.
I am on Wheezy and did 'apt-get update' and 'apt-get upgrade'. 1.0.1e-2+deb7u5 should be good for Wheezy.
( Deleted keys, restarted tor, receive a new fingerprint and stand back in line for new flags - but we are safe )
Felix
==========---------- - - - - - - - - - - ----------========== -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.22 (MingW32)
mQENBFL/49QBCADF+dfqQzatgiEH/SgymqjyIt2VdSe2mtKF1zHPjOnYiq88/qio 88Q4CjcImhFGPZCdDqLlno6ufl55omhTLfr4frNRgvfOsazzWNzIcghc+/bOyidD E6TmbCjfL9Zvp1jr9vW0eC6NmmUbTbkrs6M/eF1CS/PqZS1cCJuQoz0BBHgzMIMI Ro78dgcmcml4kNzP6z7FrecWaqikJk1h8jxpP0+bSrNY21b1OQA05Nm3glhlQuI8 CRzWRJXVyfk0qSqC1KUYB/qKVwXcIh0EB1CZgJnfMatZkwwj9re8LQYIkaYp6XnU u2g5/WuD6QhRA2cZ0eWG03lYzFCBc5vCj4Z3ABEBAAG0F0ZlbGl4IDxmZWxpeGhv ZUBnbXguZGU+iQE5BBMBAgAjBQJS/+PUAhsPBwsJCAcDAgEGFQgCCQoLBBYCAwEC HgECF4AACgkQn7tfwacd4SUoRwf/e3wEG7PWoLOEKMsGIf/hc6b4Q7E5xtTe5auh vowcFXkL+4sGn8SJzMEgYO3rgsmE6HvxSf20A3vT/J1IpSo/QsgtnxToaXnilMpK Oy58KQjxCJB7Reg9BtF2DZsPul0QSftSAdrXtCD6jIXRbyGwl5Wh0RLlAF0vB/KZ yYpoe1OmDnjDfGW64oJHs6dDHW1toit30fYOvULwphvCS02h61PmoMFmlabtfDo/ L4PyjvHZIzjVmf2UACEIV+oNc/yzAj5pFRPE8psfxq+0Sz0DRrAWnfqIilzlEzQX 8FqwHp+Kln7XSrA74Wr3LupVe1vnzRayWdhPi7S+AGUwiyFCXw== =7lFN -----END PGP PUBLIC KEY BLOCK-----