[tor-relays] Compatibility issue with OpenSSL 1.1.1a
Paul
paul at roteserver.de
Mon Dec 3 18:31:55 UTC 2018
Thank you for the anwer, but i am unable to find precompiled packages
for 1.1.1 for debian.
I am currently using buster and i could downgrade to 1.1.0j from stretch
security.
Can someone help me?
Am 03.12.2018 um 02:09 schrieb Nick Mathewson:
> On Sat, Dec 1, 2018 at 8:40 PM Paul <paul at roteserver.de> wrote:
>> I have run into this issue just now and iam curious if i can "just"
>> downgrade back or if there is any other way to workaround?
>>
> I think that it's okay to downgrade to 1.1.1 for Tor's purposes: the
> two security vulnerabilities fixed in 1.1.1a are about DSA and ECDSA,
> which Tor doesn't use. Also, you could use 1.1.0j if you prefer
> something patched.
>
>> How does this affect my relay? Will it still be useable?
> It will be usable by anybody connecting to it with TLS up to 1.2, and
> by clients using TLS 1.3. Connections between your relay and other
> relays will fail if you are both upgraded to TLS 1.3.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
More information about the tor-relays
mailing list