If you want to help test a workaround (disables TLS 1.3) for this issue see:
https://github.com/torproject/tor/pull/625
Nick wrote (https://trac.torproject.org/projects/tor/ticket/28973#comment:2 ):
> I expect that a few warnings will still happen with this branch: it waits
> for the bug to
downgrading the libssl1.1 destroys some of my packages like apache2 and
also hinders nyx from starting (ImportError:
/usr/lib/x86_64-linux-gnu/libssl.so.1.1: version `OPENSSL_1_1_1' not
found (required by
/usr/lib/python3.6/lib-dynload/_ssl.cpython-36m-x86_64-linux-gnu.so))
I will not be able to
Add "deb http://security.debian.org/ stretch/updates main"
to /etc/apt/sources.list.d/stretch.list
apt-get update
apt-get -t stretch install openssl
remove /etc/apt/sources.list.d/stretch.list
On Mon, Dec 03, 2018 at 07:31:55PM +0100, Paul wrote:
> Thank you for the anwer, but i am unable to
Same problem here, relay down for this reason :(
> Thank you for the anwer, but i am unable to find precompiled packages
> for 1.1.1 for debian.
>
> I am currently using buster and i could downgrade to 1.1.0j from stretch
> security.
>
> Can someone help me?
--
Petrusko
C0BF 2184 4A77 4A18
Thank you for the anwer, but i am unable to find precompiled packages
for 1.1.1 for debian.
I am currently using buster and i could downgrade to 1.1.0j from stretch
security.
Can someone help me?
Am 03.12.2018 um 02:09 schrieb Nick Mathewson:
> On Sat, Dec 1, 2018 at 8:40 PM Paul wrote:
>> I
On Sat, Dec 1, 2018 at 8:40 PM Paul wrote:
>
> I have run into this issue just now and iam curious if i can "just"
> downgrade back or if there is any other way to workaround?
>
I think that it's okay to downgrade to 1.1.1 for Tor's purposes: the
two security vulnerabilities fixed in 1.1.1a are
I have run into this issue just now and iam curious if i can "just"
downgrade back or if there is any other way to workaround?
How does this affect my relay? Will it still be useable?
Thx
Am 28.11.2018 um 13:47 schrieb Nick Mathewson:
> Hi, folks!
>
> You should know that there is a
Hi, folks!
You should know that there is a compatibility issue between Tor and
OpenSSL 1.1.1a, when TLS 1.3 is in use. Only OpenSSL 1.1.1a is
affected; other OpenSSL versions are not. The effect here is that Tor
relays using this version of OpenSSL will not be able to negotiate TLS
1.3