I run a TOR relay on my centos box and it's reported as "might" contain security a risk for the user. https://atlas.torproject.org/#details/383EBB4A99479DF9CD8BE5724E09B964F098E1BD Steps to Reproduce: Install and configure a TOR relay using the rpm.
tor-0.2.9.12-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-abe6f98ebf
tor-0.2.9.12-1.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e4d447e97c
tor-0.2.9.12-1.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-03b487b716
tor-0.2.9.12-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf3746f1f6
tor-0.2.9.12-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-238961d86d
tor-0.2.9.12-1.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-e4d447e97c
tor-0.2.9.12-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-abe6f98ebf
tor-0.2.9.12-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf3746f1f6
tor-0.2.9.12-1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-238961d86d
tor-0.2.9.12-1.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-03b487b716
I've left a comment on bodhi. I still see that version as not good from the TOR network.
I do not see a warning on your atlas site, where is it visible? The release 0.2.9.12 is the latest Tor LTS release (https://lists.torproject.org/pipermail/tor-announce/2017-September/000139.html), this is according to Tor's Wiki Page and verified with Tor staff: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases Also it fixes all outstanding CVEs, so I would be suprised if Tor would flag their latest LTS release as being not good. I'm ready to bring newer (non-LTS) versions to Fedora, however first I'd like to sort out #1495063 before moving on. Pushing the latest LTS release to all the repositories was the most non-intrusive action to do, while still fixing all security issues.
(In reply to Marcel Haerry from comment #12) > I do not see a warning on your atlas site, where is it visible? > It's not showing anymore, it was under property and had a big red button. (maybe some cache issue on atlas. Thanks. i'll update bodhi.
tor-0.3.1.7-1.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-b2c714515b
tor-0.3.1.7-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-1179268a20
tor-0.3.1.7-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-1179268a20
tor-0.3.1.7-1.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-b2c714515b
No 0.3 builds for CentOS
I still need to verify whether we can bring the 0.3 builds into EPEL according to EPEL's update policy. AND 0.2.9.12 is the latest release of Tor's LTS branch. So it has all the fixes and is supported for quite a while. Are there any features you are missing with 0.2.9.12 (except for not being latest) that you like to have in EPEL?
(In reply to Marcel Haerry from comment #19) > Are there any features you are missing with 0.2.9.12 (except for not being > latest) that you like to have in EPEL? Not that I can think of.
tor-0.3.1.7-1.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.
tor-0.2.9.12-1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
tor-0.3.1.7-1.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
tor-0.2.9.12-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
tor-0.2.9.12-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.