Comment 11 for bug 1039560

This bug was fixed in the package tor - 0.2.3.22-rc-1

---------------
tor (0.2.3.22-rc-1) unstable; urgency=high

  [ Peter Palfrader ]
  * New upstream version:
    - Fix an assertion failure in tor_timegm() that could be triggered
      by a badly formatted directory object. Bug found by fuzzing with
      Radamsa. Fixes bug 6811; bugfix on 0.2.0.20-rc.

  [ Stefano Zacchiroli ]
  * README.privoxy, README.polipo: explicitly set socks type to socks5.

 -- Peter Palfrader <email address hidden> Tue, 11 Sep 2012 22:41:41 +0200

tor (0.2.3.21-rc-1) unstable; urgency=low

  * New upstream version, changes including:
    - Tear down the circuit if we get an unexpected SENDME cell. Clients
      could use this trick to make their circuits receive cells faster
      than our flow control would have allowed, or to gum up the network,
      or possibly to do targeted memory denial-of-service attacks on
      entry nodes.
    - Reject any attempt to extend to an internal address. Without
      this fix, a router could be used to probe addresses on an internal
      network to see whether they were accepting connections.
    - Do not crash when comparing an address with port value 0 to an
      address policy.
    For details please see the upstream changelog.

 -- Peter Palfrader <email address hidden> Fri, 07 Sep 2012 12:25:17 +0200