From: Peter Müller <peter.mueller@ipfire.org>
Date: Thu, 7 May 2026 18:16:00 +0000 (+0000)
Subject: Tor: Update to 0.4.9.7
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=af0cb1d3e11826bcf3adec04fd18afa38450f653;p=ipfire-2.x.git

Tor: Update to 0.4.9.7

Changes in version 0.4.9.7 - 2026-05-06
  This is a security release fixing several major bugfixes that were reported
  in the past weeks. Huge thanks to everyone that reported these issues! We
  strongly recommend upgrading as soon as possible.

  o Major bugfixes (cell handling):
    - Fix out-of-bounds read (OOB) when END, TRUNCATE and TRUNCATED cell
      have no reason in their payload. TROVE-2026-011. Found by Found by
      Brian Carpenter (geeknik). Fixes bug 41254; bugfix
      on 0.1.1.1-alpha.

  o Major bugfixes (conflux):
    - Do not attempt or accept BEGIN_DIR via conflux legs. TROVE-2026-
      008. Credit to Anas Cherni from Calif.io in collaboration with
      Claude and Anthropic Research. Fixes bug 41243; bugfix
      on 0.4.8.1-alpha.

  o Major bugfixes (conflux, relay):
    - Adjust conflux out-of-order queue accounting when clearing a
      queue. TROVE-2026-010. Found by aptupdate. Fixes bug 41251; bugfix
      on 0.4.8.1-alpha.

  o Major bugfixes (pathbias):
    - Fix a client-side crash caused by double-close of a circuit while
      under circuit queue memory pressure. TROVE-2026-009. Found by
      cypherpunks. Fixes bug 41237; bugfix on 0.3.3.6-rc.

  o Major bugfixes (relay):
    - Fix null pointer dereference when receiving a CERT cell out of
      order. TROVE-2026-006. Found by Fwame. Fixes bug 41240; bugfix
      on 0.2.4.4-alpha.

  o Major bugfixes (relay, onion service):
    - Fix off-by-one out-of-bounds read if a malformed BEGIN cell is
      received. TROVE-2026-007. Found by Flanagan. Fixes bug 41245;
      bugfix on 0.2.4.7-alpha.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on May 06, 2026.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2026/05/06.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/lfs/tor b/lfs/tor
index 7ba6c6641..da6f50457 100644
--- a/lfs/tor
+++ b/lfs/tor
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Anonymizing overlay network for TCP (The onion router)
 
-VER        = 0.4.9.6
+VER        = 0.4.9.7
 
 THISAPP    = tor-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 94
+PAK_VER    = 95
 
 DEPS       =
 
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 93c4a338e892fdc451826fc5be2fa193aec582257b33b5cbb100f3f2ea2ecec182f56fa80e071e0a64fc81fb3a673d27521807071be85917a6490932659d8ebf
+$(DL_FILE)_BLAKE2 = 189aa16fb2bcc2e0838aceeb3f68b43694dea580a89f0bfc27acd4ded9b3824a0c731fb3182e1e221534be9d0f2cbdd5633a4fba7d3137ed793009b39a1d571f
 
 install : $(TARGET)