Update all deps except for libevent

[fmarier]

• OpenSSL 1.1.1w - 2023-09-11:

 *) Fix POLY1305 MAC implementation corrupting XMM registers on Windows.

    The POLY1305 MAC (message authentication code) implementation in OpenSSL
    does not save the contents of non-volatile XMM registers on Windows 64
    platform when calculating the MAC of data larger than 64 bytes. Before
    returning to the caller all the XMM registers are set to zero rather than
    restoring their previous content. The vulnerable code is used only on newer
    x86_64 processors supporting the AVX512-IFMA instructions.

    The consequences of this kind of internal application state corruption can
    be various - from no consequences, if the calling application does not
    depend on the contents of non-volatile XMM registers at all, to the worst
    consequences, where the attacker could get complete control of the
    application process. However given the contents of the registers are just
    zeroized so the attacker cannot put arbitrary values inside, the most likely
    consequence, if any, would be an incorrect result of some application
    dependent calculations or a crash leading to a denial of service.

    (CVE-2023-4807)
    [Bernd Edlinger]


 Changes between 1.1.1u and 1.1.1v [1 Aug 2023]

 *) Fix excessive time spent checking DH q parameter value.

    The function DH_check() performs various checks on DH parameters. After
    fixing CVE-2023-3446 it was discovered that a large q parameter value can
    also trigger an overly long computation during some of these checks.
    A correct q value, if present, cannot be larger than the modulus p
    parameter, thus it is unnecessary to perform these checks if q is larger
    than p.

    If DH_check() is called with such q parameter value,
    DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally
    intensive checks are skipped.

    (CVE-2023-3817)
    [Tomáš Mráz]

 *) Fix DH_check() excessive time with over sized modulus

    The function DH_check() performs various checks on DH parameters. One of
    those checks confirms that the modulus ("p" parameter) is not too large.
    Trying to use a very large modulus is slow and OpenSSL will not normally use
    a modulus which is over 10,000 bits in length.

    However the DH_check() function checks numerous aspects of the key or
    parameters that have been supplied. Some of those checks use the supplied
    modulus value even if it has already been found to be too large.

    A new limit has been added to DH_check of 32,768 bits. Supplying a
    key/parameters with a modulus over this size will simply cause DH_check()
    to fail.
    (CVE-2023-3446)
    [Matt Caswell]

 Changes between 1.1.1t and 1.1.1u [30 May 2023]

  *) Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic
     OBJECT IDENTIFIER sub-identifiers to canonical numeric text form.

     OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical
     numeric text form.  For gigantic sub-identifiers, this would take a very
     long time, the time complexity being O(n^2) where n is the size of that
     sub-identifier.  (CVE-2023-2650)

     To mitigitate this, `OBJ_obj2txt()` will only translate an OBJECT
     IDENTIFIER to canonical numeric text form if the size of that OBJECT
     IDENTIFIER is 586 bytes or less, and fail otherwise.

     The basis for this restriction is RFC 2578 (STD 58), section 3.5. OBJECT
     IDENTIFIER values, which stipulates that OBJECT IDENTIFIERS may have at
     most 128 sub-identifiers, and that the maximum value that each sub-
     identifier may have is 2^32-1 (4294967295 decimal).

     For each byte of every sub-identifier, only the 7 lower bits are part of
     the value, so the maximum amount of bytes that an OBJECT IDENTIFIER with
     these restrictions may occupy is 32 * 128 / 7, which is approximately 586
     bytes.

     Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5

     [Richard Levitte]

  *) Reworked the Fix for the Timing Oracle in RSA Decryption (CVE-2022-4304).
     The previous fix for this timing side channel turned out to cause
     a severe 2-3x performance regression in the typical use case
     compared to 1.1.1s. The new fix uses existing constant time
     code paths, and restores the previous performance level while
     fully eliminating all existing timing side channels.
     The fix was developed by Bernd Edlinger with testing support
     by Hubert Kario.
     [Bernd Edlinger]

  *) Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention
     that it does not enable policy checking. Thanks to
     David Benjamin for discovering this issue. (CVE-2023-0466)
     [Tomas Mraz]

  *) Fixed an issue where invalid certificate policies in leaf certificates are
     silently ignored by OpenSSL and other certificate policy checks are skipped
     for that certificate. A malicious CA could use this to deliberately assert
     invalid certificate policies in order to circumvent policy checking on the
     certificate altogether. (CVE-2023-0465)
     [Matt Caswell]

  *) Limited the number of nodes created in a policy tree to mitigate
     against CVE-2023-0464.  The default limit is set to 1000 nodes, which
     should be sufficient for most installations.  If required, the limit
     can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build
     time define to a desired maximum number of nodes or zero to allow
     unlimited growth. (CVE-2023-0464)
     [Paul Dale]

• tor 0.4.8.5 - 2023-08-30:

  Quick second release after the first stable few days ago fixing minor
  annoying bugfixes creating log BUG stacktrace. We also fix BSD compilation
  failures and PoW unit test.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on August 30, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/08/30.

  o Minor bugfix (NetBSD, compilation):
    - Fix compilation issue on NetBSD by avoiding an unnecessary
      dependency on "huge" page mappings in Equi-X. Fixes bug 40843;
      bugfix on 0.4.8.1-alpha.

  o Minor bugfix (NetBSD, testing):
    - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on
      x86_64 and aarch64 NetBSD hosts, by adding support for
      PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha.

  o Minor bugfixes (conflux):
    - Demote a relay-side warn about too many legs to ProtocolWarn, as
      there are conditions that it can briefly happen during set
      construction. Also add additional set logging details for all
      error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha.
    - Prevent non-fatal assert stacktrace caused by using conflux sets
      during their teardown process. Fixes bug 40842; bugfix
      on 0.4.8.1-alpha.


Changes in version 0.4.8.4 - 2023-08-23
  Finally, this is the very first stable release of the 0.4.8.x series making
  Proof-of-Work (prop#327) and Conflux (prop#329) available to the entire
  network. Some major bugfixes since the release candidate detailed below.

  o Major feature (denial of service):
    - Extend DoS protection to partially opened channels and known
      relays. Because re-entry is not allowed anymore, we can apply DoS
      protections onto known IP namely relays. Fixes bug 40821; bugfix
      on 0.3.5.1-alpha.

  o Major bugfixes (conflux):
    - Fix a relay-side crash caused by side effects of the fix for bug
      40827. Reverts part of that fix that caused the crash and adds
      additional log messages to help find the root cause. Fixes bug
      40834; bugfix on 0.4.8.3-rc.

  o Major bugfixes (proof of work, onion service, hashx):
    - Fix a very rare buffer overflow in hashx, specific to the dynamic
      compiler on aarch64 platforms. Fixes bug 40833; bugfix
      on 0.4.8.2-alpha.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on August 23, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/08/23.

  o Minor features (testing):
    - All Rust code is now linted (cargo clippy) as part of GitLab CI, and
      existing warnings have been fixed. - Any unit tests written in Rust now
      run as part of GitLab CI.

  o Minor bugfix (FreeBSD, compilation):
    - Fix compilation issue on FreeBSD by properly importing
      sys/param.h. Fixes bug 40825; bugfix on 0.4.8.1-alpha.

  o Minor bugfixes (compression):
    - Right after compression/decompression work is done, check for
      errors. Before this, we would consider compression bomb before
      that and then looking for errors leading to false positive on that
      log warning. Fixes bug 40739; bugfix on 0.3.5.1-alpha. Patch
      by "cypherpunks".


Changes in version 0.4.8.3-rc - 2023-08-04
  This is the first release candidate (and likely the only) of the 0.4.8.x
  series. We fixed a major conflux bugfix which was a fatal asserts on the
  relay Exit side. See below for more details. Couple minor bugfixes. Until
  stable, name of the game here is stabilization.

  o Major bugfixes (conflux):
    - Fix a relay-side assert crash caused by attempts to use a conflux
      circuit between circuit close and free, such that no legs were on
      the conflux set. Fixed by nulling out the stream's circuit back-
      pointer when the last leg is removed. Additional checks and log
      messages have been added to detect other cases. Fixes bug 40827;
      bugfix on 0.4.8.1-alpha.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on August 04, 2023.
    - Regenerate fallback directories generated on July 26, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/07/26.
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/08/04.

  o Minor bugfixes (compilation):
    - Fix all -Werror=enum-int-mismatch warnings. No behavior change.
      Fixes bug 40824; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (protocol warn):
    - Wrap a handful of cases where ProtocolWarning logs could emit IP
      addresses. Fixes bug 40828; bugfix on 0.3.5.1-alpha.


Changes in version 0.4.8.2-alpha - 2023-07-12
  This is our second alpha containing some minor bugfixes and one major bugfix
  about L2 vanguard rotation. We believe this will be the last alpha before the
  rc in a couple of weeks.

  o Major bugfixes (vanguards):
    - Rotate to a new L2 vanguard whenever an existing one loses the
      Stable or Fast flag. Previously, we would leave these relays in
      the L2 vanguard list but never use them, and if all of our
      vanguards end up like this we wouldn't have any middle nodes left
      to choose from so we would fail to make onion-related circuits.
      Fixes bug 40805; bugfix on 0.4.7.1-alpha.

  o Minor feature (hs):
    - Fix compiler warnings in equix and hashx when building with clang.
      Closes ticket 40800.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on July 12, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/07/12.

  o Minor bugfix (congestion control):
    - Reduce the accepted range of a circuit's negotiated 'cc_sendme_inc'
      to be +/- 1 from the consensus parameter value. Fixes bug 40569;
      bugfix on 0.4.7.4-alpha.
    - Remove unused congestion control algorithms and BDP calculation
      code, now that we have settled on and fully tuned Vegas. Fixes bug
      40566; bugfix on 0.4.7.4-alpha.
    - Update default congestion control parameters to match consensus.
      Fixes bug 40709; bugfix on 0.4.7.4-alpha.

  o Minor bugfixes (compilation):
    - Fix "initializer is not a constant" compilation error that
      manifests itself on gcc versions < 8.1 and MSVC. Fixes bug 40773;
      bugfix on 0.4.8.1-alpha

  o Minor bugfixes (conflux):
    - Count leg launch attempts prior to attempting to launch them. This
      avoids inifinite launch attempts due to internal circuit building
      failures. Additionally, double-check that we have enough exits in
      our consensus overall, before attempting to launch conflux sets.
      Fixes bug 40811; bugfix on 0.4.8.1-alpha.
    - Fix a case where we were resuming reading on edge connections that
      were already marked for close. Fixes bug 40801; bugfix
      on 0.4.8.1-alpha.
    - Fix stream attachment order when creating conflux circuits, so
      that stream attachment happens after finishing the full link
      handshake, rather than upon set finalization. Fixes bug 40801;
      bugfix on 0.4.8.1-alpha.
    - Handle legs being closed or destroyed before computing an RTT
      (resulting in warns about too many legs). Fixes bug 40810; bugfix
      on 0.4.8.1-alpha.
    - Remove a "BUG" warning from conflux_pick_first_leg that can be
      triggered by broken or malicious clients. Fixes bug 40801; bugfix
      on 0.4.8.1-alpha.

  o Minor bugfixes (KIST):
    - Prevent KISTSchedRunInterval from having values of 0 or 1, neither
      of which work properly. Additionally, make a separate
      KISTSchedRunIntervalClient parameter, so that the client and relay
      KIST values can be set separately. Set the default of both to 2ms.
      Fixes bug 40808; bugfix on 0.3.2.1-alpha.


Changes in version 0.4.8.1-alpha - 2023-06-01
  This is the first alpha of the 0.4.8.x series. Two major features in this
  version which are Conflux and onion service Proof-of-Work (PoW). There are
  also many small features in particular, worth noting, the MetricsPort is now
  exporting more relay and onion service metrics. Finally, there are
  also numerous minor bugfixes included in this version.

  o Major features (onion service, proof-of-work):
    - Implement proposal 327 (Proof-Of-Work). This is aimed at thwarting
      introduction flooding DoS attacks by introducing a dynamic Proof-Of-Work
      protocol that occurs over introduction circuits. This introduces several
      torrc options prefixed with "HiddenServicePoW" in order to control this
      feature. By default, this is disabled. Closes ticket 40634.

  o Major features (conflux):
    - Implement Proposal 329 (conflux traffic splitting). Conflux splits
      traffic across two circuits to Exits that support the protocol.
      These circuits are pre-built only, which means that if the pre-
      built conflux pool runs out, regular circuits will then be used.
      When using conflux circuit pairs, clients choose the lower-latency
      circuit to send data to the Exit. When the Exit sends data to the
      client, it maximizes throughput, by fully utilizing both circuits
      in a multiplexed fashion. Alternatively, clients can request that
      the Exit optimize for latency when transmitting to them, by
      setting the torrc option 'ConfluxClientUX latency'. Onion services
      are not currently supported, but will be in arti. Many other
      future optimizations will also be possible using this protocol.
      Closes ticket 40593.

  o Major features (dirauth):
    - Directory authorities and relays now interact properly with
      directory authorities if they change addresses. In the past, they
      would continue to upload votes, signatures, descriptors, etc to
      the hard-coded address in the configuration. Now, if the directory
      authority is listed in the consensus at a different address, they
      will direct queries to this new address. Implements ticket 40705.

  o Minor feature (CI):
    - Update CI to use Debian Bullseye for runners.

  o Minor feature (client, IPv6):
    - Make client able to pick IPv6 relays by default now meaning
      ClientUseIPv6 option now defaults to 1. Closes ticket 40785.

  o Minor feature (compilation):
    - Fix returning something other than "Unknown N/A" as libc version
      if we build tor on an O.S. like DragonFlyBSD, FreeBSD, OpenBSD
      or NetBSD.

  o Minor feature (cpuworker):
    - Always use the number of threads for our CPU worker pool to the
      number of core available but cap it to a minimum of 2 in case of a
      single core. Fixes bug 40713; bugfix on 0.3.5.1-alpha.

  o Minor feature (lzma):
    - Fix compiler warnings for liblzma >= 5.3.1. Closes ticket 40741.

  o Minor feature (MetricsPort, relay):
    - Expose time until online keys expires on the MetricsPort. Closes
      ticket 40546.

  o Minor feature (MetricsPort, relay, onion service):
    - Add metrics for the relay side onion service interactions counting
      seen cells. Closes ticket 40797. Patch by "friendly73".

  o Minor features (directory authorities):
    - Directory authorities now include their AuthDirMaxServersPerAddr
      config option in the consensus parameter section of their vote.
      Now external tools can better predict how they will behave.
      Implements ticket 40753.

  o Minor features (directory authority):
    - Add a new consensus method in which the "published" times on
      router entries in a microdesc consensus are all set to a
      meaningless fixed date. Doing this will make the download size for
      compressed microdesc consensus diffs much smaller. Part of ticket
      40130; implements proposal 275.

  o Minor features (network documents):
    - Clients and relays no longer track the "published on" time
      declared for relays in any consensus documents. When reporting
      this time on the control port, they instead report a fixed date in
      the future. Part of ticket 40130.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on June 01, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/06/01.

  o Minor features (hs, metrics):
    - Add tor_hs_rend_circ_build_time and tor_hs_intro_circ_build_time
      histograms to measure hidden service rend/intro circuit build time
      durations. Part of ticket 40757.

  o Minor features (metrics):
    - Add a `reason` label to the HS error metrics. Closes ticket 40758.
    - Add service side metrics for REND and introduction request
      failures. Closes ticket 40755.
    - Add support for histograms. Part of ticket 40757.

  o Minor features (pluggable transports):
    - Automatically restart managed Pluggable Transport processes when
      their process terminate. Resolves ticket 33669.

  o Minor features (portability, compilation):
    - Use OpenSSL 1.1 APIs for LibreSSL, fixing LibreSSL 3.5
      compatibility. Fixes issue 40630; patch by Alex Xu (Hello71).

  o Minor features (relay):
    - Do not warn about configuration options that may expose a non-
      anonymous onion service. Closes ticket 40691.

  o Minor features (relays):
    - Trigger OOS when bind fails with EADDRINUSE. This improves
      fairness when a large number of exit connections are requested,
      and properly signals exhaustion to the network. Fixes issue 40597;
      patch by Alex Xu (Hello71).

  o Minor features (tests):
    - Avoid needless key reinitialization with OpenSSL during unit
      tests, saving significant time. Patch from Alex Xu.

  o Minor bugfix (relay, logging):
    - The wrong max queue cell size was used in a protocol warning
      logging statement. Fixes bug 40745; bugfix on 0.4.7.1-alpha.

  o Minor bugfixes (logging):
    - Avoid ""double-quoting"" strings in several log messages. Fixes
      bug 22723; bugfix on 0.1.2.2-alpha.
    - Correct a log message when cleaning microdescriptors. Fixes bug
      40619; bugfix on 0.2.5.4-alpha.

  o Minor bugfixes (metrics):
    - Decrement hs_intro_established_count on introduction circuit
      close. Fixes bug 40751; bugfix on 0.4.7.12.

  o Minor bugfixes (pluggable transports, windows):
    - Remove a warning `BUG()` that could occur when attempting to
      execute a non-existing pluggable transport on Windows. Fixes bug
      40596; bugfix on 0.4.0.1-alpha.

  o Minor bugfixes (relay):
    - Remove a "BUG" warning for an acceptable race between a circuit
      close and considering that circuit active. Fixes bug 40647; bugfix
      on 0.3.5.1-alpha.
    - Remove a harmless "Bug" log message that can happen in
      relay_addr_learn_from_dirauth() on relays during startup. Finishes
      fixing bug 40231. Fixes bug 40523; bugfix on 0.4.5.4-rc.

  o Minor bugfixes (sandbox):
    - Allow membarrier for the sandbox. And allow rt_sigprocmask when
      compiled with LTTng. Fixes bug 40799; bugfix on 0.3.5.1-alpha.
    - Fix sandbox support on AArch64 systems. More "*at" variants of
      syscalls are now supported. Signed 32 bit syscall parameters are
      checked more precisely, which should lead to lower likelihood of
      breakages with future compiler and libc releases. Fixes bug 40599;
      bugfix on 0.4.4.3-alpha.

  o Minor bugfixes (state file):
    - Avoid a segfault if the state file doesn't contains TotalBuildTimes
      along CircuitBuildAbandonedCount being above 0. Fixes bug 40437;
      bugfix on 0.3.5.1-alpha.

  o Removed features:
    - Remove the RendPostPeriod option. This was primarily used in
      Version 2 Onion Services and after its deprecation isn't needed
      anymore. Closes ticket 40431. Patch by Neel Chauhan.


Changes in version 0.4.7.14 - 2023-07-26
  This version contains several minor fixes and one major bugfix affecting
  vanguards (onion service). As usual, we recommend upgrading to this version
  as soon as possible.

  o Major bugfixes (vanguards):
    - Rotate to a new L2 vanguard whenever an existing one loses the
      Stable or Fast flag. Previously, we would leave these relays in
      the L2 vanguard list but never use them, and if all of our
      vanguards end up like this we wouldn't have any middle nodes left
      to choose from so we would fail to make onion-related circuits.
      Fixes bug 40805; bugfix on 0.4.7.1-alpha.

  o Minor feature (CI):
    - Update CI to use Debian Bullseye for runners.

  o Minor feature (lzma):
    - Fix compiler warnings for liblzma >= 5.3.1. Closes ticket 40741.

  o Minor features (directory authorities):
    - Directory authorities now include their AuthDirMaxServersPerAddr
      config option in the consensus parameter section of their vote.
      Now external tools can better predict how they will behave.
      Implements ticket 40753.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on July 26, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/07/26.

  o Minor bugfix (relay, logging):
    - The wrong max queue cell size was used in a protocol warning
      logging statement. Fixes bug 40745; bugfix on 0.4.7.1-alpha.

  o Minor bugfixes (compilation):
    - Fix all -Werror=enum-int-mismatch warnings. No behavior change.
      Fixes bug 40824; bugfix on 0.3.5.1-alpha.

  o Minor bugfixes (metrics):
    - Decrement hs_intro_established_count on introduction circuit
      close. Fixes bug 40751; bugfix on 0.4.7.12.

  o Minor bugfixes (sandbox):
    - Allow membarrier for the sandbox. And allow rt_sigprocmask when
      compiled with LTTng. Fixes bug 40799; bugfix on 0.3.5.1-alpha.

• zlib 1.3 - 2023-08-18:

Building using K&R (pre-ANSI) function definitions is no longer supported.
Fixed a bug in deflateBound() for level 0 and memLevel 9.
Fixed a bug when gzungetc() is used immediately after gzopen().
Fixed a bug when using gzflush() with a very small buffer.
Fixed a crash when gzsetparams() is attempted for a transparent write.
Fixed test/example.c to work with FORCE_STORED.
Fixed minizip to allow it to open an empty zip file.
Fixed reading disk number start on zip64 files in minizip.
Fixed a logic error in minizip argument processing.