[PATCH] Tor: Update to 0.4.9.7

[PATCH] Tor: Update to 0.4.9.7

[Peter Müller]

Changes in version 0.4.9.7 - 2026-05-06
  This is a security release fixing several major bugfixes that were reported
  in the past weeks. Huge thanks to everyone that reported these issues! We
  strongly recommend upgrading as soon as possible.

  o Major bugfixes (cell handling):
    - Fix out-of-bounds read (OOB) when END, TRUNCATE and TRUNCATED cell
      have no reason in their payload. TROVE-2026-011. Found by Found by
      Brian Carpenter (geeknik). Fixes bug 41254; bugfix
      on 0.1.1.1-alpha.

  o Major bugfixes (conflux):
    - Do not attempt or accept BEGIN_DIR via conflux legs. TROVE-2026-
      008. Credit to Anas Cherni from Calif.io in collaboration with
      Claude and Anthropic Research. Fixes bug 41243; bugfix
      on 0.4.8.1-alpha.

  o Major bugfixes (conflux, relay):
    - Adjust conflux out-of-order queue accounting when clearing a
      queue. TROVE-2026-010. Found by aptupdate. Fixes bug 41251; bugfix
      on 0.4.8.1-alpha.

  o Major bugfixes (pathbias):
    - Fix a client-side crash caused by double-close of a circuit while
      under circuit queue memory pressure. TROVE-2026-009. Found by
      cypherpunks. Fixes bug 41237; bugfix on 0.3.3.6-rc.

  o Major bugfixes (relay):
    - Fix null pointer dereference when receiving a CERT cell out of
      order. TROVE-2026-006. Found by Fwame. Fixes bug 41240; bugfix
      on 0.2.4.4-alpha.

  o Major bugfixes (relay, onion service):
    - Fix off-by-one out-of-bounds read if a malformed BEGIN cell is
      received. TROVE-2026-007. Found by Flanagan. Fixes bug 41245;
      bugfix on 0.2.4.7-alpha.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on May 06, 2026.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2026/05/06.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 lfs/tor | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lfs/tor b/lfs/tor
index 7ba6c6641..da6f50457 100644
--- a/lfs/tor
+++ b/lfs/tor
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Anonymizing overlay network for TCP (The onion router)
 
-VER        = 0.4.9.6
+VER        = 0.4.9.7
 
 THISAPP    = tor-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 94
+PAK_VER    = 95
 
 DEPS       =
 
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 93c4a338e892fdc451826fc5be2fa193aec582257b33b5cbb100f3f2ea2ecec182f56fa80e071e0a64fc81fb3a673d27521807071be85917a6490932659d8ebf
+$(DL_FILE)_BLAKE2 = 189aa16fb2bcc2e0838aceeb3f68b43694dea580a89f0bfc27acd4ded9b3824a0c731fb3182e1e221534be9d0f2cbdd5633a4fba7d3137ed793009b39a1d571f
 
 install : $(TARGET)
 
-- 
2.51.0

Re: [PATCH] Tor: Update to 0.4.9.7

[Adolf Belka]

Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>

On 07/05/2026 20:16, Peter Müller wrote:
> Changes in version 0.4.9.7 - 2026-05-06
>    This is a security release fixing several major bugfixes that were reported
>    in the past weeks. Huge thanks to everyone that reported these issues! We
>    strongly recommend upgrading as soon as possible.
> 
>    o Major bugfixes (cell handling):
>      - Fix out-of-bounds read (OOB) when END, TRUNCATE and TRUNCATED cell
>        have no reason in their payload. TROVE-2026-011. Found by Found by
>        Brian Carpenter (geeknik). Fixes bug 41254; bugfix
>        on 0.1.1.1-alpha.
> 
>    o Major bugfixes (conflux):
>      - Do not attempt or accept BEGIN_DIR via conflux legs. TROVE-2026-
>        008. Credit to Anas Cherni from Calif.io in collaboration with
>        Claude and Anthropic Research. Fixes bug 41243; bugfix
>        on 0.4.8.1-alpha.
> 
>    o Major bugfixes (conflux, relay):
>      - Adjust conflux out-of-order queue accounting when clearing a
>        queue. TROVE-2026-010. Found by aptupdate. Fixes bug 41251; bugfix
>        on 0.4.8.1-alpha.
> 
>    o Major bugfixes (pathbias):
>      - Fix a client-side crash caused by double-close of a circuit while
>        under circuit queue memory pressure. TROVE-2026-009. Found by
>        cypherpunks. Fixes bug 41237; bugfix on 0.3.3.6-rc.
> 
>    o Major bugfixes (relay):
>      - Fix null pointer dereference when receiving a CERT cell out of
>        order. TROVE-2026-006. Found by Fwame. Fixes bug 41240; bugfix
>        on 0.2.4.4-alpha.
> 
>    o Major bugfixes (relay, onion service):
>      - Fix off-by-one out-of-bounds read if a malformed BEGIN cell is
>        received. TROVE-2026-007. Found by Flanagan. Fixes bug 41245;
>        bugfix on 0.2.4.7-alpha.
> 
>    o Minor features (fallbackdir):
>      - Regenerate fallback directories generated on May 06, 2026.
> 
>    o Minor features (geoip data):
>      - Update the geoip files to match the IPFire Location Database, as
>        retrieved on 2026/05/06.
> 
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
>   lfs/tor | 6 +++---
>   1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/lfs/tor b/lfs/tor
> index 7ba6c6641..da6f50457 100644
> --- a/lfs/tor
> +++ b/lfs/tor
> @@ -26,7 +26,7 @@ include Config
>   
>   SUMMARY    = Anonymizing overlay network for TCP (The onion router)
>   
> -VER        = 0.4.9.6
> +VER        = 0.4.9.7
>   
>   THISAPP    = tor-$(VER)
>   DL_FILE    = $(THISAPP).tar.gz
> @@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
>   DIR_APP    = $(DIR_SRC)/$(THISAPP)
>   TARGET     = $(DIR_INFO)/$(THISAPP)
>   PROG       = tor
> -PAK_VER    = 94
> +PAK_VER    = 95
>   
>   DEPS       =
>   
> @@ -48,7 +48,7 @@ objects = $(DL_FILE)
>   
>   $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>   
> -$(DL_FILE)_BLAKE2 = 93c4a338e892fdc451826fc5be2fa193aec582257b33b5cbb100f3f2ea2ecec182f56fa80e071e0a64fc81fb3a673d27521807071be85917a6490932659d8ebf
> +$(DL_FILE)_BLAKE2 = 189aa16fb2bcc2e0838aceeb3f68b43694dea580a89f0bfc27acd4ded9b3824a0c731fb3182e1e221534be9d0f2cbdd5633a4fba7d3137ed793009b39a1d571f
>   
>   install : $(TARGET)
>