[Pkg-privacy-commits] [vidalia] 109/160: Tentative 0.2.19-1 changesets

Ximin Luo infinity0 at moszumanska.debian.org
Sat Aug 22 13:14:49 UTC 2015 

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch master
in repository vidalia.

commit fcae75bca0b184984f5af60bfe0ab04d1b0e18dd
Author: Dererk <dererk at torproject.org>
Date:   Fri Jun 22 09:02:26 2012 -0300

    Tentative 0.2.19-1 changesets
---
 debian/NEWS          | 14 ++++++++++++++
 debian/README.Debian | 39 +++++++++++++++++++++++++++++++++++----
 debian/changelog     |  8 ++++++--
 debian/rules         |  3 +--
 debian/vidalia.dirs  |  1 +
 5 files changed, 57 insertions(+), 8 deletions(-)

diff --git a/debian/NEWS b/debian/NEWS
index 46afa9c..33fa741 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,17 @@
+vidalia (0.2.19-1) unstable; urgency=low
+
+  From this version on, we now include two great security enhancement
+  features, both coming by stock (no user changes required):
+  - Code compiler hardening enhancements
+  - AppArmor shield profile
+  .
+  Please refer to /usr/share/doc/vidalia/README.Debian.gz for more
+  information, section "Debian Security Enhancements"
+  .
+  Many thanks to intrigeri for providing this great patches!
+
+ -- Ulises Vitulli <dererk at debian.org>  Fri, 22 Jun 2012 07:18:44 -0300
+
 vidalia (0.2.17-1) unstable; urgency=low
 
   A known bug has been introduced at this release point (in fact it was on 
diff --git a/debian/README.Debian b/debian/README.Debian
index 8620ad2..0befea9 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -22,18 +22,49 @@ Vidalia for Debian
 
  That would be all!
 
-
  ------------------------------------------------------------------------------
    This is default and recommended configuration because the bast majority of 
     the users will find here the most suitable choice for a local Tor daemon.
+                Please keep reading for further explanation 
  ------------------------------------------------------------------------------
 
 
+
+  Debian Security Enhancements
+  ============================
+
+  The first new feature on Vidalia is a general-purpose set of code compiler
+  enhancements that at both, compile and run time, intend to provide security
+  protection feature. 
+
+  In a nutshell, it helps Vidalia software to be more resistant to memory 
+  corruption attacks. This attacks are very easy to find on untrusted third
+  party data coming from the network, data that could have been forged to look
+  like Tor's but associated to malicious remote attacker.
+  
+  The second one is an out-of-the-box security profile for AppArmor, a
+  mandatory access control software that confines processes to certain
+  resources.
+
+  The basic idea behind AppArmor is that you lock an application to a certain
+  minimal well-known predefined list of resources, making certain amount of
+  attacks to be unable to succeed.
+  
+  Please note that this AppArmor profile is prepared to cover only the
+  'default's installation' scenario, in which you use a system's wide Tor
+  instance started by regular Tor init scripts (this configuration is
+  described here as "Default Configuration: Simplest and Painless"). 
+
+  Any other role is not supported, mainly because of the complex amount of
+  scenarios you may find to run Vidalia.
+
+  Sadly enough, current status of AppArmor on Debian Unstable is broken when
+  using stock kernels (Check out status on #661151).
  
- 
 
- The 'But...'
- =============
+
+ The 'But...' Scenarios
+ ======================
 
  On the other hand, there could be a few situations in which you wont be able 
   to use this configuration profile, some of them being:
diff --git a/debian/changelog b/debian/changelog
index f1a727a..5e58be6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,11 +1,15 @@
-vidalia (0.2.19-1) UNRELEASED; urgency=low
+vidalia (0.2.19-1) unstable; urgency=low
 
   [ intrigeri ]
   * Imported Upstream version 0.2.19
   * Install AppArmor profile.
   * Enable hardening flags.
 
- -- intrigeri <intrigeri at debian.org>  Sun, 10 Jun 2012 18:37:14 +0200
+  [ Ulises Vitulli ]
+  * Minor changes on debian/rules
+  * Updated Debian.NEWS
+
+ -- Ulises Vitulli <dererk at debian.org>  Fri, 22 Jun 2012 07:18:44 -0300
 
 vidalia (0.2.17-1) unstable; urgency=low
 
diff --git a/debian/rules b/debian/rules
index 92d68c9..87f7048 100755
--- a/debian/rules
+++ b/debian/rules
@@ -63,14 +63,13 @@ install: build
 	dh_testdir
 	dh_testroot
 	dh_clean -k 
-	dh_installdirs usr/share/pixmaps
+	dh_installdirs 
 	cp debian/apparmor-profile debian/vidalia/etc/apparmor.d/usr.bin.vidalia
 	dh_apparmor --profile-name=usr.bin.vidalia -pvidalia
 	# Install the package
 	cd debian/build; \
 		make install DESTDIR=$(CURDIR)/debian/vidalia
 
-
 # Build architecture-independent files here.
 binary-indep: build install
 # We have nothing to do by default.
diff --git a/debian/vidalia.dirs b/debian/vidalia.dirs
index 79a7ef3..594d82b 100644
--- a/debian/vidalia.dirs
+++ b/debian/vidalia.dirs
@@ -1 +1,2 @@
 etc/apparmor.d
+usr/share/pixmaps

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/vidalia.git

More information about the Pkg-privacy-commits mailing list