Package: tor-geoipdb Version: 0.4.8.22-1 Severity: normal Dear Maintainer,
As reported on https://gitlab.torproject.org/tpo/core/tor/-/issues/41205 , tor- geoipdb 0.4.8.22-1 erroneously marks 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24 and 2001:db8::/32, which are ranges specifically reserved for documentation and examples only, and used by meek, snowflake, and webtunnel as fake address, belonging to US, making a tor user with ExcludeNodes {us} in their torrc unable to use any of these bridges. The patch mentioned in the upstream bug report above could be used as a hot fix for the 0.4.8.22 release. (already done locally) -- System Information: Debian Release: forky/sid APT prefers testing APT policy: (900, 'testing'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.18.5+deb14-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=zh_CN.utf8, LC_CTYPE=zh_CN.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tor-geoipdb depends on: ii tor 0.4.8.22-1 tor-geoipdb recommends no packages. tor-geoipdb suggests no packages. -- no debconf information -- debsums errors found: debsums: changed file /usr/share/tor/geoip (from tor-geoipdb package) debsums: changed file /usr/share/tor/geoip6 (from tor-geoipdb package)
