On Sun, 27 Jan 2013, Jamie Nguyen wrote:
Please could testers give some karma: https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17?_csrf_token=3663fa7adec7f8e5c46ed89b7a0b59cfab9844d9 Tor package for Fedora 17 has been out-of-date with security issues for 4 months. Maintainer Enrico Scholz says he will not push the update without enough karma (despite even critical path updates only requiring 14-days without negative karma before they can be pushed): https://bugzilla.redhat.com/show_bug.cgi?id=903515
I have long ago given up on tor in Fedora. I've gone through several rounds of battles with Enrico, one up to Fesco. The package should have been taken away from him a long time ago. It's basically "Enciro's package" and not a Fedora package. As a security dev, I can sadly only recommend using the upstream rpms. Paul -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
