Open bitmold opened 6 days ago
@uniqx could you please rebase the tor fork and then I prep tor-android for a new release.
I just upgraded us to the new openssl-3.0.14 which is addresses a few CVEs and is what the newest Tor Browser is using alongside tor v0.4.8.12:
Fixed potential use after free after SSL_free_buffers() is called ([CVE-2024-4741]) Fixed an issue where checking excessively long DSA keys or parameters may be very slow ([CVE-2024-4603]) Fixed unbounded memory growth with session handling in TLSv1.3 ([CVE-2024-2511])
https://forum.torproject.org/t/stable-release-0-4-8-12/13060 https://gitlab.torproject.org/tpo/core/tor/-/tags/tor-0.4.8.12