GitLab

A Chinese blogger who calls himself/herself/itself 'TurnRight' has produced two packages containing Tor, which he/she/it has named 'EasyTor' and 'TorPack'. They are definitely not safe to use (the latest releases of both contain versions of Tor before 0.2.1.29 that are now believed to be remotely exploitable), they definitely infringe The Tor Project's trademark, and at least TorPack infringes The Tor Project's copyright as well (I did not find the Tor license in it with a fairly thorough search).

We should have these packages examined for malware, as the Chinese government and its accomplices have previously distributed repackaged versions of popular software that include malware and used targeted malware to attack groups which China opposes.