1. 21 Apr, 2018 5 commits
    • Salvatore Bonaccorso's avatar
      Prepare changelog for release · e66fd117
      Salvatore Bonaccorso authored
      Gbp-Dch: Ignore
      e66fd117
    • Salvatore Bonaccorso's avatar
      Merge tag 'upstream/0.2.9.15' · 0420b9f1
      Salvatore Bonaccorso authored
      Upstream version 0.2.9.15
      0420b9f1
    • Salvatore Bonaccorso's avatar
      New upstream version 0.2.9.15 · 4cac3833
      Salvatore Bonaccorso authored
      4cac3833
    • Peter Palfrader's avatar
      Import Debian changes 0.2.9.14-1 · a911e7cf
      Peter Palfrader authored
      tor (0.2.9.14-1) stretch-security; urgency=medium
      
        * New upstream version, including among others:
          - Fix an issue causing DNS to fail on high-bandwidth exit nodes,
            making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on
            0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for
            identifying and finding a workaround to this bug and to Moritz,
            Arthur Edelstein, and Roger for helping to track it down and
            analyze it.
          - Fix a denial of service bug where an attacker could use a
            malformed directory object to cause a Tor instance to pause while
            OpenSSL would try to read a passphrase from the terminal. (Tor
            instances run without a terminal, which is the case for most Tor
            packages, are not impacted.) Fixes bug 24246; bugfix on every
            version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
            Found by OSS-Fuzz as testcase 6360145429790720.
          - Fix a denial of service issue where an attacker could crash a
            directory authority using a malformed router descriptor. Fixes bug
            24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010
            and CVE-2017-8820.
          - When checking for replays in the INTRODUCE1 cell data for a
            (legacy) onion service, correctly detect replays in the RSA-
            encrypted part of the cell. We were previously checking for
            replays on the entire cell, but those can be circumvented due to
            the malleability of Tor's legacy hybrid encryption. This fix helps
            prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
            0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
            and CVE-2017-8819.
          - Fix a use-after-free error that could crash v2 Tor onion services
            when they failed to open circuits while expiring introduction
            points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
            also tracked as TROVE-2017-013 and CVE-2017-8823.
          - When running as a relay, make sure that we never build a path
            through ourselves, even in the case where we have somehow lost the
            version of our descriptor appearing in the consensus. Fixes part
            of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked
            as TROVE-2017-012 and CVE-2017-8822.
      
      tor (0.2.9.13-1) stretch; urgency=medium
      
        * New upstream version:
          - update directory authority set
      
      tor (0.2.9.12-1) stretch-security; urgency=medium
      
        * New upstream version:
          - CVE-2017-0380 (TROVE-2017-008): Stack disclosure in hidden services logs
            when SafeLogging disabled
          - other maintenance and security related fixes, see upstream changelog.
      
      tor (0.2.9.11-1~deb9u1) stretch-security; urgency=high
      
        * Get fix for CVE-2017-0376 into stretch via -security.
      
      tor (0.2.9.11-1) unstable; urgency=high
      
        * New upstream version.
          - Fix a remotely triggerable assertion failure caused by receiving a
            BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug
            22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix
            on 0.2.2.1-alpha.  (closes: #864424)
      
      tor (0.2.9.10-1) unstable; urgency=medium
      
        * New upstream version.
          - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
            any IPv6 addresses.
          - Fix an integer underflow bug when comparing malformed Tor
            versions. Underlying issue of TROVE-2017-001, mitigated in the
            previous release.
      
      tor (0.2.9.9-1) unstable; urgency=medium
      
        * New upstream version.
          + Downgrade the "-ftrapv" option from "always on" to "only on when
            --enable-expensive-hardening is provided." (re: TROVE-2017-001).
      
      tor (0.2.9.8-2) unstable; urgency=medium
      
        * Actually target unstable.
      
      tor (0.2.9.8-1) experimental; urgency=medium
      
        * New upstream version, upload 0.2.9.x tree to unstable.
        * Add a comment to tor@.service explaining why we cannot limit to
          /var/lib/tor-instances/<instance> but only to /var/lib/tor-instances --
          systemd does not do instance expansion in ReadWriteDirectories lines --
          cf.  #781730.
        * Update README.Debian to mention a good location to put onion service
          UNIX sockets.  Note that neither systemd nor apparmor limits access
          to them -- cf. #846275.
        * Use -Z (Apply SE-Linux labels) to install when creating instance datadirs
          in tor-instance-create.
      
      tor (0.2.9.7-rc-1) experimental; urgency=medium
      
        * New upstream version.
        * Remove CAP_CHOWN, CAP_FOWNER from the systemd service files'
          CapabilityBoundingSet.  We may no longer need them.  The upstream
          changelog says that Tor changed some logic with 0.2.8.1-alpha that made
          CAP_CHOWN CAP_FOWNER no longer needed.
          CAP_DAC_OVERRIDE is still needed: Tor checks properties of hidden service
          directories as root before changing its UID to debian-tor, and those trees
          are owned by debian-tor and go-rwx (see #847598).
      
      tor (0.2.9.6-rc-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.9.5-alpha-1) experimental; urgency=medium
      
        * New upstream version.
        * Raise Standards-Version to 3.9.8 - no changes needed.
        * Use command -v $foo instead of [ -x /sbin/$foo ] in maintainer script.
      
      tor (0.2.9.4-alpha-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.9.3-alpha-1) experimental; urgency=medium
      
        [ Peter Palfrader ]
        * New upstream version.
      
        [ Iain R. Learmonth ]
        * Removes dependency on hardening-wrapper, and
          build-depend on version >= 9 of debhelper instead
          so we can enable harding via DEB_BUILD_MAINT_OPTIONS
          (closes: #836762).
      
      tor (0.2.9.2-alpha-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.9.1-alpha-1) experimental; urgency=medium
      
        * New upstream tree.
      
      tor (0.2.8.6-3) unstable; urgency=medium
      
        * Raise TimeoutStartSec from 120 to 300 secs for slower systems.
        * tor-instance-create and tor-instance-create.8.txt: fix some typos.
      
      tor (0.2.8.6-2) unstable; urgency=medium
      
        * Update the system V init script to create /var/run/tor with mode 02755
          also.  This matches the systemd service file.
        * No longer create /var/run/tor in postinst -- it is created when services
          start.
        * apparmor policy: let tor read /var/lib/tor/** (without it being the
          owner of these files)
      
      tor (0.2.8.6-1) unstable; urgency=medium
      
        * New upstream version, upload 0.2.8.x tree to unstable.
      
      tor (0.2.8.5-rc-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.8.4-rc-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.8.3-alpha-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.8.2-alpha-1) experimental; urgency=medium
      
        * New upstream version.
        * apparmor profile: Allow reading of /var/lib/tor to the process.
          This is required by new tor versions (closes: Tor#18370).
        * Set SocksPort unix:/var/run/tor/socks and 9050 in the defaults file
          (closes: #797335).
          - For non-default instances, use /var/run/tor-instances/@@NAME@@/socks.
          - Make /var/run/tor mode 755 (from 750).  Same for the instance run
            directories.
          - Use the RelaxDirModeCheck option for the control unix domain socket
            so that works.
          - tor-instance-create: in the torrc we create, append to the SocksPort
            list using + instead of overriding what is configured in the defaults
            file.
          - apparmor: allow reading of {/var,}/run/tor, and writing of
            {/var,}/run/tor/socks.
      
      tor (0.2.8.1-alpha-1) experimental; urgency=medium
      
        * New upstream tree.
        * Drop 20-upstream-syslog-identity as it is included upstream
          (cf. upstream bug #17194).
      
      tor (0.2.7.6-2) unstable; urgency=medium
      
        * Don't override override_dh_install, instead override
          override_dh_install-arch to get the extra bits we like
          installed and moved around in the tor binary package.
          This makes arch-all only builds work (closes: #806661).
      
      tor (0.2.7.6-1) unstable; urgency=high
      
        * New upstream version.
          - Actually look at the Guard flag when selecting a new directory
            guard.
        * Actually install tor-instance-create.8 manpage.
        * Change the apparmor profile tor allow Tor to access the systemd
          notification socket.  Thanks to regar42.  Closes Tor#17693.
        * tor-instance-create: Do systemctl daemon-reload *after* writing the
          new torrc.
      
      tor (0.2.7.5-1) unstable; urgency=medium
      
        * New upstream version, upload 0.2.7.x tree to unstable.
      
      tor (0.2.7.4-rc-1) experimental; urgency=medium
      
        * New upstream version.
        * Include identity tag for syslog logging feature from master.  This is
          bug#17194 upstream.
        * Support multiple instances (closes: #791393).
        * Split systemd service timeout into start and stop timeout, and raise
          them to 120 and 60 seconds from 45 (closes: tor#16398).
        * Enable apparmor support for the default tor service (re: #761404).
          Apparmor is not yet being enabled for any other tor instance.
      
      tor (0.2.7.3-rc-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.7.2-alpha-1) experimental; urgency=medium
      
        * New upstream tree.
      
      tor (0.2.6.10-1) unstable; urgency=medium
      
        * New upstream version.
      
      tor (0.2.6.9-1) unstable; urgency=medium
      
        * New upstream version.
        * Drop do-not-require-systemd and fix-sandbox-use-with-systemd.-bug-16212
          patches as they are included upstream now.
      
      tor (0.2.6.8-5) unstable; urgency=medium
      
        * Sandboxing, when enabled, would prevent tor from working when
          started from systemd, as tor wasn't allowed to create a
          UNIX datagram socket.  Include that patch from upstream's git.
      
      tor (0.2.6.8-4) unstable; urgency=medium
      
        * Remove whitespace around = in the systemd service file.  Apparently
          the spaces confuse deb-systemd-helper, which then resulted in Tor
          not being automatically started on boot (see #786418).
        * Remove obsolete After=syslog.target from systemd service file.
      
      tor (0.2.6.8-3) unstable; urgency=low
      
        * debian/rules: Change order of --with commands to dh to ensure
          that we patch before calling autoreconf.
      
      tor (0.2.6.8-2) unstable; urgency=low
      
        * debian/control: Depend on dh-systemd, libsystemd-dev, and pkg-config
          only on linux-any.
        * debian/rules: Build with systemd only if DEB_HOST_ARCH_OS is linux.
        * patch upstream's configure.ac to check for the existance of
          libsystemd rather than systemd.
      
      tor (0.2.6.8-1) unstable; urgency=medium
      
        * New upstream version, upload 0.2.6.x tree to unstable.
        * Ship a systemd .service file (closes: #761403).
          Thanks to intrigeri and Arto Jantunen.
          - Build depend on dh-systemd, libsystemd-dev, pkg-config.
          - Build with --enable-systemd.
        * Autoreconf on build (closes: #783729).
          - Build depend on dh-autoreconf.
      
      tor (0.2.6.7-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.6.6-1) experimental; urgency=medium
      
        * New upstream version.
        * Stick to experimental for now to keep unstable open as a track to jessie.
      
      tor (0.2.6.5-rc-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.6.4-rc-1) experimental; urgency=medium
      
        * New upstream version.
        * Build with --enable-gcc-warnings-advisory.
      
      tor (0.2.6.3-alpha-1) experimental; urgency=medium
      
        * New upstream version.
        * [intrigeri]
          + apparmor policy: Allow execution of /usr/bin/obfs4proxy (closes: #777592).
        * Run restorecon on /var/lib/tor /var/run/tor /var/log/tor in postinst (closes: #776352).
        * Suggests cleanup:
          + Stop suggesting xul-ext-torbutton, suggest torbrowser-launcher instead.
          + Stop suggesting polipo (>= 1) | privoxy - those are no longer considered
            good means to browser the web with Tor.
          + Suggest obfs4proxy in addition to obfsproxy.
      
      tor (0.2.6.2-alpha-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.6.1-alpha-1) experimental; urgency=medium
      
        * New upstream version.
        * New upstream tree in experimental: 0.2.6.x.
      
      tor (0.2.5.10-1) unstable; urgency=medium
      
        * New upstream version.
        * Use "service tor reload", guarded by "service tor status" in logrotate
          instead as suggested by Dirk Griesbach (closes: #765407).
      
      tor (0.2.5.9-rc-1) unstable; urgency=medium
      
        * New upstream version.
          - Disabled SSLv3 unconditionally.  As a by-product, this means
            that we no longer die in SSLv3 cleanup code in what is likely
            an openssl bug introduced in 1.0.1j (closes: 765968).
        * logrotate script: call invoke-rc.d tor reload instead of
          /etc/init.d/tor reload.  This way, if tor is properly disabled, we will
          not try to reload tor. (closes: #765407).
      
      tor (0.2.5.8-rc-1) unstable; urgency=medium
      
        * New upstream version.  Upload to unstable.
      
      tor (0.2.5.7-rc-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.5.6-alpha-1) experimental; urgency=medium
      
        * New upstream version.
      
      tor (0.2.5.5-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * upstream contrib/ directory cleanup, requires adapting paths in
          tor.docs and tor.install:
          - torify moved to contrib/client-tools/
          - tor-exit-notice.html moved to contrib/operator-tools/
        * Restrict build dependency on libseccomp-dev to amd64 and i386 only.
          Build-Conflict with it on the other archs.
      
      tor (0.2.5.4-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Build depend on libseccomp-dev.
      
      tor (0.2.5.3-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Add obfsproxy to suggests.
        * Apparmor policy: Allow executing /usr/bin/obfsproxy - thanks to
          intrigeri for the patch (closes: #739279).
      
      tor (0.2.5.2-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * From 0.2.4.20-1:
          + init script: make /var/log/tor if it does not exist anymore
            (closes: #732572).
      
      tor (0.2.5.1-alpha-1) experimental; urgency=low
      
        * New upstream tree, new upstream version.
        * Current alpha no longer /builds/ contrib/torify, it just ships it.
          Adapt debian/tor.install to get it from contrib/torify instead of
          build/contrib/torify.
      
      tor (0.2.4.17-rc-2) UNRELEASED; urgency=low
      
        * Re-add a few 'exit 1' statements on errors that got lost while
          updating the init script to fancy LSB style output (closes: #722153).
        * Mention the DisableDebuggerAttachment setting next to the ulimit -c
          line in /etc/default/tor (closes: #723801).
      
      tor (0.2.4.17-rc-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.16-rc-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.15-rc-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.14-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.13-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.12-alpha-2) experimental; urgency=low
      
        * No longer change tor manpage to be in section 8.
        * No longer move tor from usr/bin to /usr/sbin after make install.
          We now install tor into the same place as upstream.  Having it in
          the default user path makes it easier for users who want to run
          tor themselves.
        * Install a compatibility symlink in /usr/sbin.
        * Change relation form from (< version) to (<< version) in the tor-geoip
          package.
        * Update debian/watch file.
        * Clean up old /etc/tor/tor-tsocks.conf conffile (closes: #705785).
          This requires debhelper >= 8.1.0~, adapt build-dependency accordingly.
      
      tor (0.2.4.12-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Forward port 03_tor_manpage_in_section_8.dpatch: torify.1 no longer
          references tsocks.
        * No longer install contrib/tor-tsocks.conf - it was dropped upstream.
        * Update year in debian/copyright.
      
      tor (0.2.4.11-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.10-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.9-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Build-Conflict with libnacl-dev so that we don't pull it in accidentally.
          For now Tor doesn't manage to use it on at least amd64 anyway, but that
          may change.  We should review this decision once we know how things work
          and where we want to use nacl.
        * Move the geoip6 file to the tor-geoip package (spotted by George
          Kargiotakis)
        * add appropriate Replaces and Breaks to the tor-geoip package for
          tor < 0.2.4.8 since we moved a file to tor-geoip.
        * If $DAEMON $VERIFY_ARGS fails, call use the same arguments for
          finding the errors and not $DAEMON --verify-config.
      
      tor (0.2.4.7-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.6-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Update debian/copyright file somewhat.
      
      tor (0.2.4.5-alpha-1) experimental; urgency=high
      
        * New upstream version:
          - Fix a group of remotely triggerable assertion failures related to
            incorrect link protocol negotiation. Found, diagnosed, and fixed
            by "some guy from France". Fix for CVE-2012-2250; bugfix on
            0.2.3.6-alpha.
          - Fix a denial of service attack by which any directory authority
            could crash all the others, or by which a single v2 directory
            authority could crash everybody downloading v2 directory
            information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
          - and more.
      
      tor (0.2.4.4-alpha-1) experimental; urgency=low
      
        * New upstream version.
          o Major bugfixes (security/privacy, also in 0.2.3.23-rc):
            - Disable TLS session tickets. OpenSSL's implementation was giving
              our TLS session keys the lifetime of our TLS context objects, when
              perfect forward secrecy would want us to discard anything that
              could decrypt a link connection as soon as the link connection
              was closed. Fixes bug 7139; bugfix on all versions of Tor linked
              against OpenSSL 1.0.0 or later. Found by Florent Daignière.
            - Discard extraneous renegotiation attempts once the V3 link
              protocol has been initiated. Failure to do so left us open to
              a remotely triggerable assertion failure. Fixes CVE-2012-2249;
              bugfix on 0.2.3.6-alpha. Reported by "some guy from France".
          o And more.  For details please see the upstream changelog.
        * Add debian/source.lintian-overrides for
          rc-version-greater-than-expected-version, similar to what we have for
          the binary packages.
      
      tor (0.2.4.3-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Remove debian/patches/02_add_debian_files_in_manpage which hasn't been
          enabled for over five years now.
        * Update and fix a minor whitespace issue in
          debian/patches/14_fix_geoip_warning.
        * remove obsolete debian/TODO file.
        * Use dh_lintian to install the override file for tor-geoipdb.  Requires
          changing debhelper build dependency to >= 6 from >= 5, and renaming
          debian/tor-geoipdb.lintian-override to tor-geoipdb.lintian-overrides.
        * Use dh_link to create the /usr/share/doc/tor-dbg -> tor symlink in
          tor-dbg.  Also call dh_link before dh_install*, so that nothing creates a
          /usr/share/doc/tor-dbg directory.
        * No longer call dh_link with arguments to create the
          /usr/share/man/man5/torrc.5 -> ../man8/tor.8 symlink in the tor package,
          instead create and populate debian/tor.links accordingly.
        * Call configure with --disable-silent-rules, so we actually see what
          the build did in a log.
        * Try to patch upstream's documenation build system so it does what we want
          rather than duplicating parts of it in debian/rules.  This will fix a bug
          where we would end up with empty .html documentation if building from the
          source source tree more than once.
        * Upstream no longer installs /usr/bin/tor-control.py, so no need to remove
          it in debian/rules.
        * No longer try to symlink the changelogs for tor-geoipdb from the tor
          package.  Frist, this has been broken as dh_installchangelogs stomps all
          over our symlinks.  Second, the tor and tor-geoipdb package may be of
          different versions, so a symlink is probably the wrong thing in the
          first place.
        * Add lintian overrides for all three binary packages for
          rc-version-greater-than-expected-version.  Tor's version scheme is sane.
      
      tor (0.2.4.2-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.4.1-alpha-1) experimental; urgency=low
      
        [ Peter Palfrader ]
        * New upstream version (starts 0.2.4.x tree).
        * Forward port debian/patches/03_tor_manpage_in_section_8.
      
        [ Stefano Zacchiroli ]
        * README.privoxy, README.polipo: explicitly set socks type to socks5.
      
      tor (0.2.3.21-rc-1) unstable; urgency=low
      
        * New upstream version, changes including:
          - Tear down the circuit if we get an unexpected SENDME cell. Clients
            could use this trick to make their circuits receive cells faster
            than our flow control would have allowed, or to gum up the network,
            or possibly to do targeted memory denial-of-service attacks on
            entry nodes.
          - Reject any attempt to extend to an internal address. Without
            this fix, a router could be used to probe addresses on an internal
            network to see whether they were accepting connections.
          - Do not crash when comparing an address with port value 0 to an
            address policy.
          For details please see the upstream changelog.
      
      tor (0.2.3.20-rc-1) unstable; urgency=low
      
        * New upstream version, including a couple security fixes:
          - Avoid read-from-freed-memory and double-free bugs that could occur
            when a DNS request fails while launching it. Fixes bug 6480.
          - Avoid an uninitialized memory read when reading a vote or consensus
            document that has an unrecognized flavor name. This read could
            lead to a remote crash bug. Fixes bug 6530.
          - Try to leak less information about what relays a client is
            choosing to a side-channel attacker.
        * Suggest the tor-arm controller.
        * Improve long descriptions with Roger's help.
        * Use https:// instead of git:// for the Vcs-Git URL.
      
      tor (0.2.3.19-rc-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.2.3.18-rc-1) unstable; urgency=low
      
        * New upstream version.
        * Remove debian/patches/15_longer_test_timeout - something similar has been
          incorporated upstream (Re: Tor#6227).
        * Re-enable apparmor, if available:  Instead of confining /usr/sbin/tor by
          default, we now only confine the daemon that is launched from the init
          script.  We do this by calling aa-exec with the appropriate flags, if it
          is installed.  Therefore also suggest apparmor-utils.
      
      tor (0.2.3.17-beta-3) unstable; urgency=low
      
        * Apply the correct SE-Linux label to /var/run/tor when creating the
          directory in the init script (closes: #678362).  Thanks to Russell Coker.
        * Hack up the unit tests to wait longer for the thread test to finish.
          This is not a real fix, but it will probably make it more likely that
          we successfully build on our mips/octeon machines (Re: Tor#6227).
      
      tor (0.2.3.17-beta-2) unstable; urgency=low
      
        * Shipping and enabling the apparmor policy by default causes Tor to
          break for users who have apparmor enabled in enforcind mode and
          that, either in addition to or instead of running Tor as a system
          service (i.e. /etc/init.d/tor), also run Tor as their user or in
          some other means like launched from vidalia.  Therefore:
          .
          - No longer install apparmor policy by default.  It can be found in
            /usr/share/doc/tor if anybody is interested.
          - No longer build-depend on dh-apparmor, or suggest apparmor.
          - Also, clean up and remove old /etc/apparmor.d/usr.sbin.tor files
            on upgrade if they have not been changed by the user.
          .
          These changes relate to Debian Bug #670525 and fixes Tor ticket #6188.
      
      tor (0.2.3.17-beta-1) unstable; urgency=low
      
        * New upstream version.
        * apparmor policy:
          - allow access to /var/log/tor/* and not just /var/log/tor/log*,
        * No longer create /var/run/tor in postint if it does not exist -
          the init script should take care of that.
        * Change the output of the init script to use lsb* functions:
          - Depend on lsb-base.
          - Makes the output pretty (closes: #676843)
        * Also, in the init script we are now less verbose, unless VERBOSE is
          set to yes in /etc/default/rcS (see the rcS(5) manual page):
          - pass --hush to tor on startup, so only warnings and errors are
            displayed, hiding any notice level log output,
          - do not report raising ulimit -n.
      
      tor (0.2.3.16-alpha-1) experimental; urgency=medium
      
        * New upstream version.
          - Work around a bug in OpenSSL that broke renegotiation with TLS
            1.1 and TLS 1.2. Without this workaround, all attempts to speak
            the v2 Tor connection protocol when both sides were using OpenSSL
            1.0.1 would fail. Resolves ticket 6033.
          - and more - please consult upstream changelog.
        * Include apparmor profile.  Thanks to intrigeri (closes: #670525).
      
      tor (0.2.3.15-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.3.14-alpha-1) experimental; urgency=low
      
        * New upstream version.
          - No longer need backported 45ace4844b020cb754d3bb65f1021bfeb5115f9e
            from master to fix a test suite stack overflow.
        * torify now no longer can use tsocks.  Change recommends from
          torsocks | tsocks to just torsocks.
      
      tor (0.2.3.13-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * When creating the debian-tor user that tor runs at, create it with
          a shell of /bin/false instead of /bin/bash.  Does not change shells
          of existing users (closes: #658358).
        * Include 45ace4844b020cb754d3bb65f1021bfeb5115f9e from master
          to fix a test suite stack overflow, just introduced.
      
      tor (0.2.3.12-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.3.11-alpha-2) experimental; urgency=low
      
        * init script:  use the new defaults torrc file also for when we
          try to check our configuration (tor --verify-config) prior to starting
          tor.  (Might close TorBug#4954.)
      
      tor (0.2.3.11-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * No longer patch Tor to set DataDirectory, RunAsDaemon etc. when run
          as root or debian-tor.
          Instead ship with a file setting all these options in
          /usr/share/tor/tor-service-defaults-torrc and cause our init-script
          to pass --defaults-torrc <that-file> to the tor started by that script.
        * No longer fail postinst when the init script fails to restart tor.
          Patch provided by Carl Fuerstenberg (closes: #652884).
      
      tor (0.2.3.10-alpha-1) experimental; urgency=high
      
        * New upstream version, fixing a heap overflow bug related to Tor's
          SOCKS code (CVE-2011-2778).
      
      tor (0.2.3.9-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * There no longer is a document called INSTALL to copy to
          usr/share/docs/tor, so get rid of the lintian override.  Since that was
          the only one in the tor package get rid of installing overrides for the
          tor package entirely - there's still one override in tor-geoipdb
          (closes Tor #4576).
      
      tor (0.2.3.8-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.3.7-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.3.6-alpha-1) experimental; urgency=high
      
        * New upstream version, fixing a couple of security relevant bugs
          such as guard enumeration (CVE-2011-2768) and bridge enumeration
          (CVE-2011-2769) issues.  For details consult the upstream changelog.
      
      tor (0.2.3.5-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.3.4-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Make patches/06_add_compile_time_defaults build without compiler warnings:
          - use config_find_option_mutable() instead of config_find_option()
            if we're going to mess with the return value,
          - Correctly declare functions as having no arguments instead of not
            telling the compiler which arguments it'll have.
        * Suggest tor-arm (closes: #640265).
        * Downgrade socat and polipo|privoxy to Suggests (closes: #640264).
      
      tor (0.2.3.3-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Upload to experimental now that 0.2.2.x is out of rc and was uploaded to
          unstable.
        * Merged from debian-0.2.2: 0.2.2.29-beta-1
          - The postinst script changes /var/run/tor to mode 02750 if it exists,
            but the tor init script creates it with mode 02700 if it doesn't.
            Change the init script to also create the directory with a group
            writeable mode, the same as the postinst maintainer script, i.e. 02750.
            .
            This will allow users in the debian-tor group to access the control
            socket (re: #552556).
          - Enable Control Socket by default.  It lives in /var/run/tor/
            (closes: #552556).
        * Update context in patches/06_add_compile_time_defaults.
        * Forward port patches/07_log_to_file_by_default.
      
      tor (0.2.3.1-alpha-1) tor-0.2.3.x; urgency=low
      
        * New upstream version.
        * Forward port debian/patches/14_fix_geoip_warning.
      
      tor (0.2.2.25-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Add Vcs-* control fields. Patch by intrigeri@boum.org
          (closes: #623316).
        * Update mailinglist archive URLs in package description.
          Patch by intrigeri@boum.org (closes: #623318).
      
      tor (0.2.2.24-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Forward port missing changes from the 0.2.1.x tree:
          - Add ${misc:Depends} for all three binary packages because debhelper
            might want to add stuff  [tor 0.2.1.26-1].
          - tor.postinst: Stop calling stat(1) with its full path  [tor 0.2.1.26-1].
          - No longer set ulimit -c to unlimited:
            Up until now the init script (or actually /etc/default/tor) raised
            the ulimit for coredumps to unlimited, so that Tor would produce
            coredumps on assert errors or segfaults.  Coredumps however can
            leak sensitive information, like cryptographic session keys and
            clients' data should the core files get into the wrong hands.  As
            such it seems prudent to only enable coredumps if the user or
            operator explicitly asks for them, and knows what to do with them.
            [tor 0.2.1.26-2]
          - Also include a cron.weekly job that removes old coredumps from
            /var/lib/tor.  This action can be disabled in /etc/default/tor.
            [tor 0.2.1.26-2]
          - Make sure the cronjob does not try to access a /var/lib/tor
            that has already been removed (due to for instance package removal).
            Thanks to Holger and piuparts for catching this.
            [tor 0.2.1.26-3]
      
      tor (0.2.2.23-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * The tor specification files are no longer shipped in the tarball,
          so /usr/share/doc/tor/spec is no more.  They can be found online
          at <URL:https://gitweb.torproject.org/torspec.git/tree>.
      
      tor (0.2.2.22-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.21-alpha-1) experimental; urgency=high
      
        * New upstream version, including several security related fixes.  See
          upstream changelog for details.  Addresses CVE-2011-0427.
        * Forward port patches/03_tor_manpage_in_section_8.
      
      tor (0.2.2.20-alpha-1) experimental; urgency=high
      
        * New upstream version.
          - Fix a remotely exploitable bug that could be used to crash instances
            of Tor remotely by overflowing on the heap. Remote-code execution
            hasn't been confirmed, but can't be ruled out (CVE-2010-1676).
        * Since the dawn of time (0.0.2pre19-1, January 2004, initial release
          of the debian package), the postinst script has changed ownership and
          permissions of various trees like /var/lib/tor, /var/run/tor, and
          /var/log/tor, sometimes recursively.
          .
          It turns out this actually is a security issue, so try to be more
          conservative when fixing up modes and only chown/chgrp
          /var/{lib,log,run}/tor directly, never recursively.
        * Remove /var/run/tor, recursively, on purge.  We already do this
          for /var/lib/tor and /var/log/tor.
      
      tor (0.2.2.19-alpha-1) experimental; urgency=low
      
        * New upstream version.
          - remove debian/patches/15_tlsext_host_name (already included in new
            upstream version).
      
      tor (0.2.2.18-alpha-2) experimental; urgency=low
      
        * If we overwrite src/or/micro-revision.i in during build,
          clean it out in the clean target.
        * Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8
          (0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198):
          .
          Do not set the tlsext_host_name extension on server SSL objects; only on
          client SSL objects.  We set it to immitate a browser, not a vhosting
          server. This resolves an incompatibility with openssl 0.9.8p and openssl
          1.0.0b.  Fixes bug 2204; bugfix on 0.2.1.1-alpha.
      
      tor (0.2.2.18-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.17-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.16-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Downgrade torsocks/tsocks dependency to a recommends.  That tool
          is not needed if you only run a relay, or if you access Tor only
          using polipo or privoxy.  The torify(1) wrapper that makes use
          of torsocks or tsocks already handles their absense and emmits a
          proper message telling the user what they are missing (closes: #595898).
        * Remove suggests of mixminion which is no longer in the archive
          (closes: #594207), and also of anon-proxy which appears to not
          have been updated in at least two years.
        * Add xul-ext-torbutton to suggests.
      
      tor (0.2.2.15-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Forward port 06_add_compile_time_defaults.
      
      tor (0.2.2.14-alpha-1) experimental; urgency=low
      
        * New upstream version.
          Among many other things:
          - New config option "WarnUnsafeSocks 0" disables the warning that
            occurs whenever Tor receives only an IP address instead of a
            hostname. Setups that do DNS locally over Tor are fine, and we
            shouldn't spam the logs in that case. (Closes: #497466)
      
      tor (0.2.2.13-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.12-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.11-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.10-alpha-2) experimental; urgency=low
      
        * In /etc/default/tor also source /etc/default/tor.vidalia if it exists
          and if vidalia is installed.  We do this so that the vidalia package
          can override some of our settings: People who have vidalia installed might
          not want to run Tor as a system service. The vidalia .deb can ask them
          that and then set run-daemon to no.
      
      tor (0.2.2.10-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * debian/rules:
          - make manpage building properly depend on patch-stamp,
          - Fix building in the absence of a debian/micro-revision.i file.
      
      tor (0.2.2.9-alpha-1) experimental; urgency=low
      
        * New upstream version.
          - We no longer need to build-depend on a recent libssl-dev because
            Tor now detects whether we need to explicitly turn on
            autonegotiation at run-time rather than compile time.  Good.
            (This also means we no longer need to conflict with newer
             libssls when we built against an old one on backports.)
          - The manpages are now built with asciidoc.  While the upstream
            tarball already ships with the output of asciidoc, we instead
            build the manpages during package build time so we can patch them.
            + Therefore build-depend on asciidoc (>= 8.2), docbook-xml,
              docbook-xsl, and xmlto.
            + update 03_tor_manpage_in_section_8 to patch the .txt files now.
            + Remove tor.1.in torify.1.in tor-gencert.1.in tor-resolve.1.in in
              the doc directory during clean.
            + And try to work around missing (and if it wasn't, broken)
              build-system for the manpages.
            + The torify.1 manpage gets installed by upstream, no longer need
              to do it manually in debian/rules.
          - The original design paper is no longer shipped with Tor.
            + Remove debian/hexdump-*.pdf (which we used to work around
              fig2dev bugs).
            + No longer build the paper in debian/rules, and remove it from
              debian/tor.docs.
            + No longer build-depend on texlive-base-bin, texlive-latex-base,
              texlive-fonts-recommended, transfig and ghostscript.
          - Upstream tarballs no longer ship an AUTHORS file, or the website,
            Removed these from debian/tor.docs.  No longer shipping parts of
            the website also closes: #443560.
          - Also no longer distribute doc/TODO and doc/HACKING in the debian
            package.
        * Move from comm to section net, where it might fit slightly better
          (closes: #482801).
        * Ship contrib/tor-exit-notice.html in the tor package (put it into
          usr/share/doc/tor; closes: #568934).
        * Add stark README.polipo with the instructions from Juliusz Chroboczek.
          (closes: #413730)
        * 0.2.2.4-alpha failed to ship test.h so we had included it in the
          debian diff.  The upstream bug has long since been fixed so we should
          probably stop shipping our own copy of test.h.
        * Finally apply Peter Eisentraut's patch for tor's init script to support
          status as an argument (closes: #526371).
      
      tor (0.2.2.8-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.7-alpha-2) experimental; urgency=low
      
        * debian/rules: Minor cleanup (use a single variable for making up our
          configure flags, not two).
        * debian/rules: Remove logic that ignores the result of unit tests if
          localhost does not resolve (or not to 127.0.0.1).  This should no
          longer be necessary as our build chroots have gotten a lot better.
        * Depend on and enable hardening-includes for building.
      
      tor (0.2.2.7-alpha-1) experimental; urgency=medium
      
        * New upstream version.
          - Rotate keys (both v3 identity and relay identity) for moria1
            and gabelmoo.
          [and more]
      
      tor (0.2.2.6-alpha-1) experimental; urgency=low
      
        * New upstream version.
          - Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch
            (part of upstream).
      
      tor (0.2.2.5-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Pick 0a58567ce3418f410cf1dd0143dd3e56b4a4bd1f from master git tree:
          - work with libssl that has renegotiation disabled by default.
          (debian/patches/0a58567c-work-with-reneg-ssl.dpatch)
        * Therefore build-depend on libssl-dev >= 0.9.8k-6.  If we build against
          earlier versions we will not work once libssl gets upgraded to a version
          that disabled renegotiations.
        * Change order of recommends from privoxy | polipo to polipo | privoxy.
        * Allegedly echo -e is a bashism.  Remove it from debian/rules, we don't
          need it anyways (closes: #478631).
        * Change the dependency on tsocks to torsocks | tsocks (see: #554717).
      
      tor (0.2.2.4-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * The testsuite moved from src/or/test to src/test/test,
          but let's call it using "make check" now.
        * Upstream failed to ship src/test/test.h.  Ship it in debian/ and
          manually copy it in place during configure and clean up in clean.
          Let's not use the patch system as this will most likely be rectified
          by next release.
      
      tor (0.2.2.3-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.2.2-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * The files src/common/common_sha1.i src/or/or_sha1.i get changed
          during the build - they contain the checksums of the individual
          files that end up in the binary.  Of couse changes only end up
          in the debian diff.gz after building a second time in the same
          directory.  So, remove those files in clean to get both a cleaner
          diff.gz and idempotent builds.
        * If we have a debian/micro-revision.i, replace the one in src/or
          with our copy so that this will be the revision that ends up in
          the binary.  This is an informational only version string, but
          it'd be kinda nice if it was (more) accurate nonetheless.
          .
          Of course this won't help if people manually patch around but
          it's still preferable to claiming we are exactly upstream's source.
          .
          If we are building directly out of a git tree, update
          debian/micro-revision.i in the clean target.
      
      tor (0.2.2.1-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Forward port patches/03_tor_manpage_in_section_8.dpatch.
        * Forward port patches/06_add_compile_time_defaults.dpatch.
      
      tor (0.2.1.19-1) unstable; urgency=low
      
        * New upstream version.
          - Make accessing hidden services on 0.2.1.x work right (closes: #538960).
          [More items are in the upstream changelog.]
      
      tor (0.2.1.18-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.2.1.17-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Update upstream URL in debian/copyright.
      
      tor (0.2.1.16-rc-1) experimental; urgency=low
      
        * New upstream version.
        * No longer inform the user if/when we re-create the /var/run/tor
          directory in the init script.  With /var/run on tmpfs this is
          completely normal now so our message was just noise.
        * Stop shipping /var/run/tor in the package.
        * Only clean up permissions of /var/run/tor in postinst if the
          directory actually exists.
        * Update Standards-Version from 3.8.0 to 3.8.1.  No real changes
          required, we already support nocheck in DEB_BUILD_OPTIONS since
          August 2004, and we already create our var/run directory in the
          init script (tho we now no longer ship it either - see above).
        * Change debhelper compatibility version from 4 to 5:
          - Change dh_strip call from --dbg-package=tor
            to --dbg-package=tor-dbg.
          - Update versioned build time dependency on debhelper.
        * Forward port 06_add_compile_time_defaults.
      
      tor (0.2.1.15-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Change build time dependency on gs to ghostscript.
      
      tor (0.2.1.14-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Change Section of tor-dbg to debug.
      
      tor (0.2.1.13-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.1.12-alpha-1) experimental; urgency=low
      
        * New upstream version, fixing several security relevant bugs:
           - Avoid a potential crash on exit nodes when processing malformed
             input.  Remote DoS opportunity (closes: #514579).
           - Fix a temporary DoS vulnerability that could be performed by
             a directory mirror (closes: #514580).
        * patches/06_add_compile_time_defaults: Only set the User option in
          the config if we run as root.  Do not set it when run as debian-tor
          as Tor then always insists on changing users which will fail.  (If
          we run as any other user we don't set our debian defaults anyway.)
      
      tor (0.2.1.11-alpha-1) experimental; urgency=high
      
        * New upstream version:
          - Fixes a possible remote heap buffer overflow bug.
          - torify(1) manpage mentions DNS leaks now (closes: #495829).
        * README.Debian: No longer claim we change the default 'Group' setting
          when run as debian-user.  That setting no longer exists.
        * Forward port 03_tor_manpage_in_section_8.dpatch.
      
      tor (0.2.1.10-alpha-1) experimental; urgency=low
      
        * New alpha release.
        * Forward port 03_tor_manpage_in_section_8.dpatch.
      
      tor (0.2.1.9-alpha-1) experimental; urgency=low
      
        * New alpha release.
      
      tor (0.2.1.8-alpha-1) experimental; urgency=low
      
        * New alpha release.
      
      tor (0.2.1.7-alpha-2) experimental; urgency=low
      
        * No longer set now obsolete Group setting in built-in debian config.
      
      tor (0.2.1.7-alpha-1) experimental; urgency=low
      
        * New alpha release.
      
      tor (0.2.1.6-alpha-1) experimental; urgency=low
      
        * New alpha release.
        * Forward port 14_fix_geoip_warning.dpatch.
      
      tor (0.2.1.5-alpha-1) experimental; urgency=low
      
        * New alpha release.
      
      tor (0.2.1.4-alpha-1) experimental; urgency=low
      
        * New alpha release.
        * Do not build with openbsd's malloc unless enable-openbsd-malloc is in
          DEB_BUILD_OPTIONS.
      
      tor (0.2.1.2-alpha-1) experimental; urgency=low
      
        * New alpha release.
      
      tor (0.2.0.30-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.29-rc-2) unstable; urgency=low
      
        * Upload to unstable.
      
      tor (0.2.0.29-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Warn the admin if the number of file descriptors on his system is
          tiny.
      
      tor (0.2.0.28-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Remove debian/patches/11_tor_as_root_more_helpful.dpatch as
          it is no longer needed:  We now setuid() to the Tor user
          when run as root and it all just works.
        * Add comments to the dpatch headers so lintian shuts up.
        * Add patches/14_fix_geoip_warning: Change geoipdb open failed message.
        * Require unit tests to pass again.
      
      tor (0.2.0.27-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Add tor-geoipdb arch: all package for the geoip database.
        * Update debian/rules so that there now is a binary-common target
          and the binary-indep and binary-arch targets call make with
          proper DH_OPTIONS options.  This is taken from the template
          that dh_make nowadays uses for multi-binary packages.
        * Unit tests are broken, yay.
        * Use ${binary:Version} to depend on the right tor binary package from
          the tor-dbg package instead of ${Source-Version}.  Some guy on the
          internet said the latter was deprecated.
        * Add Homepage: https://www.torproject.org/ field to control file.
        * And mention www.tp.o instead of the old tor.eff.org in the long
          description.
        * No longer ignore failure of make clean in the clean target.
        * Support passing of parallel=<n> in build options.
        * Change declared Standards-Version to 3.8.0.
      
      tor (0.2.0.26-rc-1) experimental; urgency=critical
      
        * New upstream version.
        * Conflict with old libssls.
        * On upgrading from versions prior to, including, 0.1.2.19-2, or
          from versions later than 0.2.0 and prior to 0.2.0.26-rc do the
          following, and if we are a server (we have a /var/lib/tor/keys
          directory)
          - move /var/lib/tor/keys/secret_onion_key out of the way.
          - move /var/lib/tor/keys/secret_onion_key.old out of the way.
          - move /var/lib/tor/keys/secret_id_key out of the way if it was
            created on or after 2006-09-17, which is the day the bad
            libssl was uploaded to Debian unstable.
        * Add a NEWS file explaining this change.
      
      tor (0.2.0.24-rc-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.23-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Mention OpenBSD_malloc_Linux.c in debian/copyright.
        * Add a recommends on logrotate.
      
      tor (0.2.0.22-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Work around fig2dev failing to build the images on all archs
          (re #457568).
        * Build with --enable-openbsd-malloc, unless no-enable-openbsd-malloc is
          found in DEB_BUILD_OPTIONS.  Hopefully this deals with some of the
          horrible memory fragmentation that glibc's malloc causes.
      
      tor (0.2.0.21-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Run --verify-config before start/reload/restart as root.  No longer
          su - to debian-tor tor run it.  Given that we now even start Tor as
          root (it setuids later on) this should be fine (closes: #468566).
      
      tor (0.2.0.20-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Change the default for MAX_FILEDESCRIPTORS in our init script to depend
          on the number of system-wide available file descriptors:
          /proc/sys/fs/file-max is bigger than 80k, set ulimit -n to 32k, if it's
          greater than 40k set the limit to 16k, and when greater than 10k our limit
          shall be 8k descriptors.  If there are less than 20k FDs in the entire
          system default to a limit of only 1024.
      
          Big servers at the moment regularly use more than 10k FDs, so our old
          default of 8k no longer is sufficient.  On the other hand we don't want
          lower end systems to run out of FDs on Tor's account.
        * If we run as root also apply debian defaults.
        * Add User=debian-tor and Group=debian-tor to debian defaults.  That allows
          us to start Tor as root and have it setuid/setgid to the target user.
        * Change the init script to start Tor as root.  Now we should be able to
          bind to low port.
      
      tor (0.2.0.19-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * It's 2008.  Now is the time to add copyright statements for 2007.
        * Forward port 03_tor_manpage_in_section_8.dpatch.
      
      tor (0.2.0.18-alpha-2) experimental; urgency=low
      
        * Work around fig2dev failing to build the images on mipsel like we do on
          sparc and s390 (re #457568)
        * Fix postinst find command that chowns stuff to the right user.  Find
          does weird things in the presence of !.
      
      tor (0.2.0.18-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * postinst: Remove the check that requires the debian-tor user
          to have a uid between 100 and 999.  There is no good reason
          to require this.  If the local admin moves the system users/uid-space
          to some other range then they probably have a good reason for that.
        * postinst: change wording if debian-tor's homedir is wrong, do not
          print anything if it is ok.
        * postinst: We were only fixing the permissions of /var/{lib,run,log}/tor
          when we were not upgrading.  Unfortunately the check doesn't work all
          that well usually in cases where the package was removed (not purged)
          and then later re-installed again.  Now we ensure proper ownership
          and modes for all the directories and files below /var/{lib,run,log}/tor
          (the dirs themselves included) every time we run postinst.
        * postinst: if we reboot between unpacking and configuring on some smart
          systems this will mean that we just lost /var/run/tor - creating it
          in the maintainer script if it doesn't exist.
        * Create logfiles in logrotate so that they come into the world with the
          correct mode (o-r).
      
      tor (0.2.0.17-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.15-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.14-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Remove 13_r12907-fix-unit-tests.dpatch (Fix unit tests from HEAD) again -
          it's included upstream.
        * Work around fig2dev failing to build the images on sparc like we do on
          s390.
      
      tor (0.2.0.13-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Fix unit tests from HEAD (13_r12907-fix-unit-tests.dpatch).
      
      tor (0.2.0.12-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.11-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * remove 12_r12235_do_not_crash_when_myfamily_is_set again, it's
          now part of upstream.
      
      tor (0.2.0.9-alpha-2) experimental; urgency=low
      
        * Do not separate required lsb facilities with commas in the
          init script (closes: #448001).
        * Add 12_r12235_do_not_crash_when_myfamily_is_set.dpatch,
          from trunk/head.
      
      tor (0.2.0.9-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Only create pid dir if we are about to start Tor (Luca Capello,
          closes: #447508).
      
      tor (0.2.0.8-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.7-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.6-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.5-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.4-alpha-1) experimental; urgency=high
      
        * New upstream version.
      
      tor (0.2.0.3-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.2-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.2.0.1-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Forward port 06_add_compile_time_defaults.
        * teTeX is no more, long live TeX Live:
          - remove build depends on tetex-bin, tetex-extra,
          - add build depends on texlive-base-bin for dvips and bibtex,
            texlive-latex-base for latex, and texlive-fonts-recommended for fonts
            like ptmr7t.
      
      tor (0.1.2.19-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.18-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.17-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.16-1) unstable; urgency=high
      
        * New upstream version.
      
      tor (0.1.2.15-1) unstable; urgency=low
      
        * New upstream version.
        * Change build-depends from tetex to texlive suite.
      
      tor (0.1.2.14-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.13-3) unstable; urgency=low
      
        * Always give a shell (/bin/sh) when we use su(1) in our init script
          (closes: #421465).
      
      tor (0.1.2.13-2) unstable; urgency=low
      
        * In options_init_from_torrc()'s error path only config_free() options
          if they already have been initialized (closes: #421235).
      
      tor (0.1.2.13-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.12-rc-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.10-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Change recommends on privoxy to privoxy | polipo (>= 1) (closes: #413728).
      
      tor (0.1.2.8-beta-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.7-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Install all the spec files into usr/share/doc/tor/spec now.
          They moved to doc/spec/* from just doc/* in the source too.
      
      tor (0.1.2.6-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.5-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Disable 02_add_debian_files_in_manpage.dpatch for now.
      
      tor (0.1.2.4-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.3-alpha-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.1.2.2-alpha-1) experimental; urgency=low
      
        [ Peter Palfrader ]
        * New upstream version.
      
        [ Roger Dingledine ]
        * Minor update of debian/copyright.
      
      tor (0.1.2.1-alpha-1) experimental; urgency=low
      
        * Forward port 07_log_to_file_by_default.dpatch.
        * Previously our defaults for DataDirectory, PidFile, RunAsDaemon, and
          Log differed from upstreams.  Now Tor behaves just like before (with
          our own DataDirectory and all) only when run as the debian-tor user.
          If invoked as any other user, Tor will behave just like the pristine
          upstream version.
        * Tell users about the init script when they try to run Tor as root.
          Should we also do this when they try to run their Tor as any other
          (non root, non debian-tor) user? - add 11_tor_as_root_more_helpful
        * Use tor --verify-config before start and reload.  Abort init script
          with exit 1 if config does not verify.
        * Change Standards-Version to 3.7.2.  No changes required.
      
      tor (0.1.1.26-1) unstable; urgency=high
      
        * New upstream version (Stop sending the HttpProxyAuthenticator string to
          directory servers when directory connections are tunnelled through Tor).
      
      tor (0.1.1.25-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.1.24-1) unstable; urgency=low
      
        * New upstream version.
        * Update debian/copyright:
          - tree.h has vanished somewhere along the current branch
          - ht.h is new and credits Christopher Clark
          - We didn't mention Matej Pfajfar's copyright before.
        * Forward port 07_log_to_file_by_default.
      
      tor (0.1.1.23-1) unstable; urgency=medium
      
        * New upstream version.
      
      tor (0.1.1.22-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.1.21-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.1.20-1) unstable; urgency=low
      
        * New upstream stable release: The 0.1.1.x tree is now the new stable
          tree.  Upload to unstable rather than experimental.
      
      tor (0.1.1.19-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Remove support for my nodoc DEB_BUILD_OPTIONS variable.  It clutters
          stuff and I haven't used it in ages.
        * Update debian/tor.docs file.
      
      tor (0.1.1.18-rc-1) experimental; urgency=low
      
        * New upstream version.
        * update debian/tor.doc:
          - no longer ship INSTALL and README files, they are useless now.
          - doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html,
            doc/tor-hidden-service.html, doc/tor-switchproxy.html got replaced
            by doc/website/stylesheet.css and doc/website/tor-* which is more
            or less the same, only taken from the website.  Some links are
            probably broken still, but this should get fixed eventually.
      
      tor (0.1.1.17-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Forward port patches/07_log_to_file_by_default.
      
      tor (0.1.1.16-rc-1) experimental; urgency=low
      
        * New upstream version.
      
      tor (0.1.1.15-rc-1) experimental; urgency=low
      
        * New upstream version.
        * Apparently passing --host to configure when not cross-compiling
          is evil now and greatly confuses configure.  So don't do it unless it
          actually differs from --build host.
      
      tor (0.1.1.14-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Include 0.1.0.17 changelog in experimental tree.
        * doc/FAQ is no longer shipped, so remove it from debian/tor.docs.
      
      tor (0.1.1.13-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Forward port patches/02_add_debian_files_in_manpage.
        * Forward port patches/03_tor_manpage_in_section_8.
        * Create /var/run/tor on init script start if it does
          not exist already.
        * Set default ulimit -n to 8k instead of 4k in /etc/default/tor.
        * Print that we're raising the ulimit to stdout in the init script.
        * Add CVE numbers to past issues in the changelog where applicable.
      
      tor (0.1.1.12-alpha-1) experimental; urgency=low
      
        * New upstream version, that was a quick one. :)
        * Forward port patches/02_add_debian_files_in_manpage.
      
      tor (0.1.1.11-alpha-1) experimental; urgency=low
      
        * New upstream version.
          - Implement "entry guards": automatically choose a handful of entry
            nodes and stick with them for all circuits.  This will increase
            security dramatically against certain end-point attacks
            (closes: #349283, CVE-2006-0414).
        * Forward port patches/07_log_to_file_by_default.
        * Forward port 0.1.0.16 changelog and change to copyright file.
      
      tor (0.1.1.10-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * doc/tor-doc.css and doc/tor-doc.html are no longer in the upstream
          tarball, remove them from debian/tor.docs.
        * add the following new files to tor.docs: doc/socks-extensions.txt,
          doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html
      
      tor (0.1.1.9-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Remove 08_add_newlines_between_serverdescriptors.dpatch.
        * Update 06_add_compile_time_defaults.dpatch
        * Use bin/bash for the init script instead of bin/sh.  We are using
          ulimit -n which is not POSIX  (closes: #338797).
        * Remove the EVENT_NOEPOLL block from etc/default/tor.
        * Add an ARGS block to etc/default/tor as suggested in #338425.
      
      tor (0.1.1.8-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * Add patch from CVS to
          "Insert a newline between all router descriptors when generating (old
          style) signed directories, in case somebody was counting on that".
          r1.247 of dirserv.c, <20051008060243.85F41140808C@moria.seul.org>
      
      tor (0.1.1.7-alpha-1) experimental; urgency=low
      
        * New upstream version.
        * More merging from 0.1.0.14+XXXX:
          - The tor-dbg package does not really need its own copy of copyright
            and changelog in usr/share/doc/tor-dbg.
        * Forward port 03_tor_manpage_in_section_8.dpatch
      
      tor (0.1.1.6-alpha-2) experimental; urgency=low
      
        * Merge 0.1.0.14+XXXX changes.
      
      tor (0.1.1.6-alpha-1) experimental; urgency=low
      
        * Experimental upstream version.
      
      tor (0.1.1.5-alpha-cvs-1) UNRELEASED; urgency=low
      
        * Even more experimental cvs snapshot.
        * Testsuite is mandatory again.
        * Forward port 03_tor_manpage_in_section_8.dpatch
        * Forward port 06_add_compile_time_defaults.dpatch
      
      tor (0.1.1.5-alpha-1) UNRELEASED; urgency=low
      
        * Experimental upstream version.
        * Allow test suite to fail, it's broken in this version.
        * Update list of files from doc/ that should be installed.
        * Forward port debian/ patches.
      
      tor (0.1.0.17-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.1.0.16-1) unstable; urgency=low
      
        * New upstream version.
        * Update copyright file for 2006.
      
      tor (0.1.0.15-1) unstable; urgency=low
      
        * New upstream release.
        * Forward port 03_tor_manpage_in_section_8.
      
      tor (0.1.0.14-2) unstable; urgency=low
      
        * Ship debugging information in a separate package now, instead
          of simply not stripping tor.  This is still useful while tor is
          young.  Ideally it would go away some time.
        * Add LSB comments to init script as suggested by Petter Reinholdtsen
          on the debian-devel list:
          - http://lists.debian.org/debian-devel/2005/08/msg01172.html
          - http://wiki.debian.net/?LSBInitScripts
        * Work around broken chroots that do not resolve localhost or resolve
          it to the wrong IP.  We now catch such cases in debian/rules, shout
          at the buildd maintainer, and ignore the result of our test suite.
      
      tor (0.1.0.14-1) unstable; urgency=high
      
        * New upstream version - changes, among others:
          - Fixes the other half of the bug with crypto handshakes (CVE-2005-2643).
        * Since gs-gpl on s390 is broken (#321435) and unable to
          build PDFs of our images for the design paper this version
          ships them in the source and uses them on s390, should building
          them from source really fail.
        * Increase standards-version from 3.6.1 to 3.6.2.  No changes
          necessary.
      
      tor (0.1.0.13-1) unstable; urgency=high
      
        * New upstream version:
          - Explicitly set no-unaligned-access for sparc in configure.in.
            it turns out the new gcc's let you compile broken code, but
            that doesn't make it not-broken (closes: #320140).
          - Fix a critical bug in the security of our crypto handshakes.
            (Therefore set urgency to high).
          and more (see upstream changelog).
        * Slightly improve init script to give you proper error messages when
          you do not run it as root.
      
      tor (0.1.0.12-1) unstable; urgency=medium
      
        * New upstream version:
          - New IP for tor26 directory server,
          - fix a possible double-free in tor_gzip_uncompress,
          - and more (see upstream changelog).
      
      tor (0.1.0.11-1) unstable; urgency=high
      
        * New upstream version (closes: #316753):
          - Fixes a serious bug: servers now honor their exit policies -
            In 0.1.0.x only clients enforced them so far.  0.0.9.x is
            not affected.
        * Build depend on libevent-dev >= 1.1.
        * Urgency high because 0.0.9.10-1 did not make it into testing after
          like 3 weeks because of an impending ftp-master move.  So I might
          just as well upload this one.
      
      tor (0.1.0.10-0.pre.1) UNRELEASED; urgency=low
      
        * New upstream version.
        * Add a watch file.
        * Forward port 03_tor_manpage_in_section_8.
        * Forward port 06_add_compile_time_defaults.
        * Add libevent-dev to build-depends.
        * Update URL to tor in debian/control and debian/copyright.
        * Add a snippet to disable epoll in etc/default/tor, commented out.
        * Add a snippet to set nice level in etc/default/tor.
        * Wait for 60 seconds in init stop.  35 is too little.
        * Don't depend on python anymore - tor-resolve is C now.
        * If "with-dmalloc" is in DEB_BUILD_OPTIONS we build against libdmalloc4.
          Of course the -dev package needs to be installed.
        * Update README.Debian to say that upstream now does have a default
          for DataDirectory.
        * Don't fail in the init script when we cannot raise the ulimit.
          Instead just warn a bit (closes: #312882).
      
      tor (0.0.9.10-1) unstable; urgency=high
      
        * While we're waiting for a newer libevent to enter sid, make another
          upload of the 0.0.9.x tree:
          - Refuse relay cells that claim to have a length larger than the
            maximum allowed. This prevents a potential attack that could read
            arbitrary memory (e.g. keys) from an exit server's process
            (CVE-2005-2050).
      
      tor (0.0.9.9-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.0.9.8-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.0.9.7-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.0.9.6-1) unstable; urgency=low
      
        * New upstream version.
        * Upstream used newer auto* tools, so hopefully the new config.sub
          and config.guess files (2003-08-18) are good enough to build
          tor on ppc64 (closes: #300376: FTBFS on ppc64).
      
      tor (0.0.9.5-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.0.9.4-1) unstable; urgency=low
      
        * New upstream version.
        * Set ulimit for file descriptors to 4096 in our init
          script.
        * Use SIGINT to shutdown tor.  That way - if you are a server -
          tor will stop accepting new connections immediately, and
          give existing connections a grace period of 30 seconds in
          which they might complete their task.  If you just run a
          client it should make no difference.
      
      tor (0.0.9.3-1) unstable; urgency=low
      
        * New upstream version.
        * Forward port 07_log_to_file_by_default.
      
      tor (0.0.9.2-1) unstable; urgency=low
      
        * New upstream version.
        * Update debian/copyright (it's 2005).
        * Add sharedscripts tor logrotate.d/tor.
      
      tor (0.0.9.1-1) unstable; urgency=low
      
        * New upstream version.
      
      tor (0.0.8+0.0.9rc7-1) unstable; urgency=medium
      
        * New upstream release (candidate).
          For real this time.  Looks like our rc6 orig.tar.gz
          was in fact the rc5 one.
        * forward port patches/07_log_to_file_by_default
      
      tor (0.0.8+0.0.9rc6-1) unstable; urgency=medium
      
        * New upstream release (candidate).
          - cleans up more integer underflows that don't look exploitable.
            But one never knows (-> medium).
        * Remove those 'date' calls in debian/rules again that were
          added in rc5-1.
      
      tor (0.0.8+0.0.9rc5-1) unstable; urgency=medium
      
        * New upstream release (candidate).
          - medium because it fixes an integer overflow that might
            be exploitable, but doesn't seem to be currently.
        * Add a few 'date' calls in debian/rules, so I can see how long
          building the docs take on autobuilders.
      
      tor (0.0.8+0.0.9rc3-1) unstable; urgency=low
      
        * New upstream release (candidate).
      
      tor (0.0.8+0.0.9rc2-1) unstable; urgency=low
      
        * New upstream release (candidate).
        * Nick's patch is now part of upstream, remove it from
          the debian diff.
      
      tor (0.0.8+0.0.9rc1-1) unstable; urgency=low
      
        * New upstream release (candidate).
        * Apply nick's patch against config.c (1.267) to handle
          absense of units in BandwidthRate.
      
      tor (0.0.8+0.0.9pre6-1) unstable; urgency=low
      
        * New upstream (pre)release.
        * Install control-spec.txt into usr/share/doc/tor/.
      
      tor (0.0.8+0.0.9pre5-2) unstable; urgency=low
      
        * Symlink tor(8) manpage to torrc(5).
        * Make logs readable by the system administrators (group adm).
        * Point to /var/log/tor (the directory) instead of a single
          file (/var/log/tor/log) in the debian patch of the manpage.
        * Do not patch the default torrc to include settings we really want.
          Instead modify the compiled in default options.  Those settings are
      
          - RunAsDaemon is enabled by default.
          - PidFile is set to /var/run/tor/tor.pid.  No default upstream.
          - default logging goes to /var/log/tor/log instead of stdout.
          - DataDirectory is set to /var/lib/tor by default.  No default upstream.
      
          This is also documented in the new debian/README.Debian.
        * Remove /usr/bin/tor-control.py from the binary package, it is
          not really useful yet, and wasn't meant to be installed by
          default.
        * Change init startup script to properly deal with tor
          printing stuff on startup.
      
      tor (0.0.8+0.0.9pre5-1) unstable; urgency=low
      
        * New upstream (pre)release.
        * 04_fix_test can be backed out again.
        * Make sure all patches apply cleanly.
        * No longer use --pidfile, --logfile, and --runasdaemon
          command line options.  Set them in the configfile instead.
        * Change the description slightly, to say "don't rely on the current Tor
          network if you really need strong anonymity", instead of "Tor will not
          provide anonymity currently".
      
      tor (0.0.8+0.0.9pre4-1) unstable; urgency=low
      
        * New upstream (pre)release.
        * Apply patch from cvs to fix a segfault in src/or/test
          (test.c, 1.131).
      
      tor (0.0.8+0.0.9pre3-1) unstable; urgency=high
      
        * New upstream (pre)release.
        * Fixes at least one segfault that can be triggered remotely,
          a format string vulnerability which probably is not exploitable,
          and several assert bugs.
      
      tor (0.0.8+0.0.9pre2-1) unstable; urgency=low
      
        * New upstream (pre)release.
      
      tor (0.0.8+0.0.9pre1-1) unstable; urgency=low
      
        * New upstream (pre)release.
        * Built depend on zlib1g-dev.
      
      tor (0.0.8-1) unstable; urgency=low
      
        * New upstream release.
      
      tor (0.0.7.2+0.0.8rc1-1) unstable; urgency=low
      
        * New upstream release candidate.
        * Install design paper in usr/share/doc/tor, not usr/share/doc.  Ooops.
      
      tor (0.0.7.2+0.0.8pre3-1) unstable; urgency=low
      
        * New upstream (pre)release.
        * Ship AUTHORS, doc/CLIENTS, doc/FAQ, doc/HACKING, doc/TODO,
          doc/tor-doc.{css,html}, doc/{rend,tor}-spec.txt with the binary package.
        * Build tor-design.{pdf,ps}, wich adds new build-dependencies:
          tetex-{bin,extra}, transfig, and gs.
        * Support DEB_BUILD_OPTIONS option 'nodoc' to skip building tor-design.
          With nodoc the build will not need tetex-{bin,extra}, transfig, and gs.
        * Support DEB_BUILD_OPTIONS option 'nocheck' to skip unittests
          ('notest' is an alias')
        * Enable coredumps by default, this is still development code.
        * Modify 02_add_debian_files_in_manpage to still apply.
      
      tor (0.0.7.2+0.0.8pre2-1) unstable; urgency=low
      
        * New upstream (pre)release.
        * Depend on python as we now have a python script: tor_resolve
      
      tor (0.0.7.2-1) unstable; urgency=medium
      
        * New upstream release.
          Fixes another instance of that remote crash bug.
        * Mention another reason why stop/reload may fail in the init script.
      
      tor (0.0.7.1-1) unstable; urgency=medium
      
        * New upstream release.
          Fixes a bug that allows a remote crash on exit nodes.
        * Logrotate var/log/tor/*log instead of just var/log/tor/log, in
          case the admin wants several logs.
      
      tor (0.0.7-1) unstable; urgency=low
      
        * New upstream version
          closes: #249893: FTBFS on ia64
      
      tor (0.0.6.2-1) unstable; urgency=medium
      
        * New upstream release (breaks backwards compatibility yet again).
        * Recommend socat.
        * Since tor is in /usr/sbin, the manpage should be in section 8, not
          in section 1.  Move it there, including updating the section in
          the manpage itself and the reference in torify(1).
        * Update debian/copyright file.
      
      tor (0.0.6.1-1) unstable; urgency=medium
      
        * New upstream release (breaks backwards compatibility).
      
      tor (0.0.6-1) unstable; urgency=low
      
        * New upstream release (breaks backwards compatibility).
      
      tor (0.0.5+0.0.6rc4-1) unstable; urgency=low
      
        * New upstream release candidate.
      
      tor (0.0.5+0.0.6rc3-1) unstable; urgency=low
      
        * New upstream release candidate.
      
      tor (0.0.5+0.0.6rc2-1) unstable; urgency=low
      
        * New upstream release candidate.
        * Mention upstream website and mailinglist archives in long
          description.
      
      tor (0.0.5-1) unstable; urgency=low
      
        * New upstream release.
        * Upstream installs a torrc.sample file now, rather than torrc.
          Keep using torrc as dpkg handles conffile upgrades.
      
      tor (0.0.4-1) unstable; urgency=low
      
        * New upstream release (how the version numbers fly by :).
      
      tor (0.0.3-1) unstable; urgency=low
      
        * New upstream release.
        * Also mention that tree.h is by Niels Provos in debian/copyright.
      
      tor (0.0.2-1) unstable; urgency=low
      
        * New upstream release.
        * Uses strlcpy and strlcat by Todd C. Miller, mention him in
          debian/copyright.
      
      tor (0.0.1+0.0.2pre27-1) unstable; urgency=low
      
        * New upstream release.
      
      tor (0.0.1+0.0.2pre26-1) unstable; urgency=low
      
        * New upstream release.
        * Mention log and pidfile location in tor.1.
      
      tor (0.0.1+0.0.2pre25-1) unstable; urgency=low
      
        * New upstream release.
      
      tor (0.0.1+0.0.2pre24-1) unstable; urgency=low
      
        * New upstream release.
        * Do not strip binaries for now.
        * Add "# ulimit -c unlimited" to tor.default
        * Always enable DataDirectory.
        * Actually use dpatch now (to modify upstream torrc.in)
        * Wait for tor to die in init stop.  Let the user know if it doesn't.
      
      tor (0.0.1+0.0.2pre23-1) unstable; urgency=low
      
        * New upstream release.
        * The one test that always failed has been fixed:  removed comment from
          rules file.
      
      tor (0.0.1+0.0.2pre22-1) unstable; urgency=low
      
        * New upstream release.
        * Upstream has moved tor back to usr/bin, but we will keep it in
          usr/sbin.  That's the right place and it doesn't break my tab
          completion there.
      
      tor (0.0.1+0.0.2pre21-1) unstable; urgency=low
      
        * New upstream release.
        * 0.0.2pre20-2 removed the Recommends: on privoxy rather
          than tsocks (which is now required) by mistake.  Fix that.
        * package description: Mention that the package starts the OP by default and
          that OR can be enabled in the config.
        * tor moved to sbin, updating init script.
      
      tor (0.0.1+0.0.2pre20-2) unstable; urgency=low
      
        * Add torify script, documentation, and config file.  Means we also
          depend on tsocks now rather than just recommending it.  Right now
          we install it in debian/rules, but upcoming versions might install
          it in upstream's make install target.
        * There's an upstream ChangeLog file now.  Enjoy!
        * Add a README.privoxy file that explains how to setup privoxy to
          go over tor.
        * As is the case too often, the INSTALL file not only covers
          installation, but also basic usage and configuration.  Therefore
          include it in the docs dir.
        * Add a lintian override for the INSTALL file.
      
      tor (0.0.1+0.0.2pre20-1) unstable; urgency=low
      
        * New upstream version.
          - various design paper updates
          - resolve cygwin warnings
          - split the token bucket into "rate" and "burst" params
          - try to resolve discrepency between bytes transmitted over TLS and actual
            bandwidth use
          - setuid to user _before_ complaining about running as root
          - fix several memleaks and double frees
          - minor logging fixes
          - add more debugging for logs.
          - various documentation fixes and improvements
          - for perforcmance testing, paths are always 3 hops, not "3 or more"
            (this will go away at a later date again)
        * Add dependency on adduser which was previously missing.
        * Change short description to a nicer one.
      
      tor (0.0.1+0.0.2pre19-1) unstable; urgency=low
      
        * Initial Release  (closes: #216611).
      a911e7cf
    • Salvatore Bonaccorso's avatar
      Import Upstream version 0.2.9.14 · 408c41c6
      Salvatore Bonaccorso authored
      408c41c6