[tor-relays] update obfs4proxy if you run a bridge

meskio meskio at torproject.org
Mon Mar 21 17:45:42 UTC 2022


  if you are a bridge operator please update obfs4proxy to a version>=0.0.12.

There is a new version of obfs4proxy (>=0.0.12) which fixes a security issue[0].  
Tor Browser has already updated to the new version, which reduces a bit the 
security problem, but introduces a partial incompatibility between versions[1].  
Because of that updating to the latest version greatly will help bridge users.

If you use debian you can find the latest version bullseye-backports[2].
If you use docker there is a new version of the official docker image that you 
can upgrade to[3].

Thank you for running bridges,
let me know if you need any help upgrading it.

[0] https://lists.torproject.org/pipermail/anti-censorship-team/2022-January/000213.html
[1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40804
[2] https://packages.debian.org/stable-backports/obfs4proxy
[3] https://hub.docker.com/layers/thetorproject/obfs4-bridge/0.11/images/sha256-87cd986d98a76c8af93f5b84ee07b0ae232fd013b6122dfaef188900ac36d968

meskio | https://meskio.net/
 My contact info: https://meskio.net/crypto.txt
Nos vamos a Croatan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20220321/3c850f5f/attachment.sig>

More information about the tor-relays mailing list