Updates tor to 0.4.2.7

[conorsch]

Status

Ready for review.

Description of Changes

Changes proposed in this pull request:

Includes package version bumps in the fetch logic, which unbreaks the
associated nightly CI job. Test vars have been updated to expect the new
version info.

Fixes #5070

Testing

So far, I've performed simple spot testing of the Source Interface, v2 & v3, and observed no problems. More vigorous testing is required to confirm no problems with these new packages.

1. Fetch the new proposed packages from tor: bumps packages to 0.4.2.7-1 securedrop-apt-test#38
2. Run the staging environment locally
3. Copy in the new deb packages and install them with sudo dpkg -i *.deb
4. Perform manual interactive testing of the source & journalist interfaces, both v2 & v3. Confirm you can submit, download & decrypt, reply, and read the reply as the source.

If no problems are found, then we can proceed with publishing the packages to apt-test, and using them in staging environments going forward. Next steps:

1. Review and merge tor: bumps packages to 0.4.2.7-1 securedrop-apt-test#38
2. Rerun CI on this PR, confirm passing

Deployment

Significant implications. All prod instances will be updated to this new version of tor, when released as part of SecureDrop 1.3.0.

Checklist

If you made changes to the server application code:

• Linting (make lint) and tests (make test) pass in the development container

If you made changes to securedrop-admin:

• Linting and tests (make -C admin test) pass in the admin development container

If you made changes to the system configuration:

• Configuration tests pass

If you made non-trivial code changes:

• I have written a test plan and validated it for this PR

If you made changes to documentation:

• Doc linting (make docs-lint) passed locally

If you added or updated a code dependency:

Choose one of the following:

• I have performed a diff review and pasted the contents to the packaging wiki
• I would like someone else to do the diff review

[emkll]

Testing has been done as follows prior to merging the debs PR:

• tor packages install successfully
• tor v2/v3 onion services work as expected
• verified package checksums prior to merge

Debs have been merged, restarted CI in https://circleci.com/workflow-run/3eb8afcc-d9f5-4411-8d3e-207537139493

[emkll]

I've observed some local issues when provisioning the staging environment (described here: #5193)

It is definitely unrelated to changes introduced here (and this PR doesn't affect any install/tor logic, only helper command to download tor debs). CI is passing, this PR is good to merge, and tor 0.4.2.7 is on the test apt server.