Please test Tor Fedora 17 package
Jamie Nguyen
j at jamielinux.com
Sun Jan 27 18:21:45 UTC 2013
On 27/01/13 16:54, Paul Wouters wrote:
> On Sun, 27 Jan 2013, Jamie Nguyen wrote:
>
>> Please could testers give some karma:
>>
>> https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17?_csrf_token=3663fa7adec7f8e5c46ed89b7a0b59cfab9844d9
>>
>>
>>
>> Tor package for Fedora 17 has been out-of-date with security issues for
>> 4 months. Maintainer Enrico Scholz says he will not push the update
>> without enough karma (despite even critical path updates only requiring
>> 14-days without negative karma before they can be pushed):
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=903515
>
> I have long ago given up on tor in Fedora. I've gone through several
> rounds of battles with Enrico, one up to Fesco. The package should
> have been taken away from him a long time ago. It's basically "Enciro's
> package" and not a Fedora package.
>
> As a security dev, I can sadly only recommend using the upstream rpms.
>
> Paul
I'm maintainer of Tor packages for EL6 and they are in fact currently
more up-to-date than the Fedora 18 packages, as crazy as that sounds.
Fedora users can alternatively use my own Tor repository (which includes
Tor Browser too):
http://repos.fedorapeople.org/repos/jamielinux/tor/
--
Jamie Nguyen
More information about the devel
mailing list