On 27/01/13 16:54, Paul Wouters wrote: > On Sun, 27 Jan 2013, Jamie Nguyen wrote: > >> Please could testers give some karma: >> >> https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17?_csrf_token=3663fa7adec7f8e5c46ed89b7a0b59cfab9844d9 >> >> >> >> Tor package for Fedora 17 has been out-of-date with security issues for >> 4 months. Maintainer Enrico Scholz says he will not push the update >> without enough karma (despite even critical path updates only requiring >> 14-days without negative karma before they can be pushed): >> >> https://bugzilla.redhat.com/show_bug.cgi?id=903515 > > I have long ago given up on tor in Fedora. I've gone through several > rounds of battles with Enrico, one up to Fesco. The package should > have been taken away from him a long time ago. It's basically "Enciro's > package" and not a Fedora package. > > As a security dev, I can sadly only recommend using the upstream rpms. > > Paul I'm maintainer of Tor packages for EL6 and they are in fact currently more up-to-date than the Fedora 18 packages, as crazy as that sounds. Fedora users can alternatively use my own Tor repository (which includes Tor Browser too): http://repos.fedorapeople.org/repos/jamielinux/tor/ -- Jamie Nguyen -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
