package/tor: security bump to version 3.5.10

Fixes the following security issues:

    - Fix a denial-of-service bug that could be used by anyone to
      consume a bunch of CPU on any Tor relay or authority, or by
      directories to consume a bunch of CPU on clients or hidden
      services. Because of the potential for CPU consumption to
      introduce observable timing patterns, we are treating this as a
      high-severity security issue. Fixes bug 33119; bugfix on
      0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
      as TROVE-2020-002 and CVE-2020-10592.

    - Correct how we use libseccomp. Particularly, stop assuming that
      rules are applied in a particular order or that more rules are
      processed after the first match. Neither is the case! In
      libseccomp <2.4.0 this led to some rules having no effect.
      libseccomp 2.4.0 changed how rules are generated, leading to a
      different ordering, which in turn led to a fatal crash during
      startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by
      Peter Gerber.

For more details, see the changelog:
https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.3.5.10

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard 5 years ago
parent
commit
346c4e6580

+ 1 - 1
package/tor/tor.hash

@@ -1,3 +1,3 @@
 # Locally computed
-sha256 d5c56603942a8927670f50a4a469fb909e29d3571fdd013389d567e57abc0b47  tor-0.3.5.8.tar.gz
+sha256 0196be233826e19d1809f05ed01955ad5e8245d3267b9754410230222859f9c4  tor-0.3.5.10.tar.gz
 sha256 b4248f32f009d4f5cccb704b351e31a16590e0dd5fda2856382cc854d81f6234  LICENSE
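Review bot: the "# Locally computed" comment above the new tor-0.3.5.10.tar.gz sha256 leaves no record of what the tarball was checked against before it was hashed, so the hash only pins whatever was downloaded at the time. For a security bump, state the verification in that comment (for example, that the archive was checked against an upstream signature or published checksum, if one was), or say in the commit message that none was available. The LICENSE hash is unchanged, which is consistent with TOR_LICENSE_FILES staying as it is.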

+ 1 - 1
package/tor/tor.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-TOR_VERSION = 0.3.5.8
+TOR_VERSION = 0.3.5.10
 TOR_SITE = https://dist.torproject.org
 TOR_LICENSE = BSD-3-Clause
 TOR_LICENSE_FILES = LICENSE
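Review bot: TOR_VERSION becomes 0.3.5.10 here, but the commit subject says "version 3.5.10"; the subject should read 0.3.5.10 so it matches this line and the changelog URL in the message. The bump also goes from 0.3.5.8 straight to 0.3.5.10, and the message lists only two fixes, so it would help to say whether those items cover everything security-relevant from the skipped 0.3.5.9 release as well.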