-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 It is quite sad that one has to find out about 'critical' security updates [0] via an unrelated thread on tor-talk [1] or the blog [2] instead of getting an announcement on tor-announce [3] - where relay operators are probably expecting such information. Are tor versions 0.2.3.x and 0.2.4.x affected too? [0] https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes https://trac.torproject.org/projects/tor/ticket/6811 [1] https://lists.torproject.org/pipermail/tor-talk/2012-September/025525.html [2] https://blog.torproject.org/blog/new-bundles-security-release [3] https://lists.torproject.org/pipermail/tor-announce/ -----BEGIN PGP SIGNATURE----- iF4EAREKAAYFAlBUV7cACgkQyM26BSNOM7ZeyAEArFSwM5Z0fhtXV6q7pdK9CqXV coEuuHUFrm6gjzkQ+p8A/2z2e+x4sYuJzKhlvFKnwCURw93FSqWEt5MCFRpkd6rV =FkRi -----END PGP SIGNATURE-----