Fwd: Latest openssl update breaks Tor
Damian Johnson
atagar1 at gmail.com
Sat Nov 20 20:06:17 UTC 2010
Forwarding just in case someone's not on both lists. -Damian
---------- Forwarded message ----------
From: Sebastian Hahn <mail at sebastianhahn.net>
Date: Sat, Nov 20, 2010 at 10:52 AM
Subject: Latest openssl update breaks Tor
To: or-talk at freehaven.net
Hey *,
the most recent openssl security update [0] breaks Tor. According to
our analysis so far, Tor isn't affected by the actual security issue, but
the patch as applied in openssl versions 1.0.0b and 0.9.8p causes
Tor to fail its handshake as a relay.
If you run a relay and have already upgraded your libssl, please
don't restart your relay unless you have to because it will otherwise
stop working. If you haven't upgraded, please verify whether any
other applications are affected and if not consider delaying the
upgrade.
So far I haven't been able to find a way to work around this issue
from inside Tor, but hopefully a fix can be developed soon.
Thanks for running relays!
Sebastian
[0]: https://blog.torproject.org/blog/new-openssl-vulnerability-tor-not-affected
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-relays
mailing list