[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/release-0.2.1] minor cleanup on already published changelog text

commit e234c1cd237af464f53d8b318ce72aef2b7439aa
Author: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date:   Thu Oct 27 20:16:33 2011 -0400

    minor cleanup on already published changelog text
---
 ChangeLog    |   10 +++++-----
 ReleaseNotes |   10 +++++-----
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5c85e92..3ff5326 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,11 +17,11 @@ Changes in version 0.2.1.31 - 2011-10-26
 
   o Privacy/anonymity fixes (also included in 0.2.2.x):
     - Clients and bridges no longer send TLS certificate chains on
-      outgoing OR connections. Previously, each client or bridge
-      would use the same cert chain for all outgoing OR connections
-      for up to 24 hours, which allowed any relay that the client or
-      bridge contacted to determine which entry guards it is using.
-      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
+      outgoing OR connections. Previously, each client or bridge would
+      use the same cert chain for all outgoing OR connections until
+      its IP address changes, which allowed any relay that the client
+      or bridge contacted to determine which entry guards it is using.
+      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
       no longer considers that connection as suitable for satisfying a
       circuit EXTEND request. Now relays can protect clients from the
diff --git a/ReleaseNotes b/ReleaseNotes
index b9d32eb..e3de631 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -22,11 +22,11 @@ Changes in version 0.2.1.31 - 2011-10-26
 
   o Privacy/anonymity fixes (also included in 0.2.2.x):
     - Clients and bridges no longer send TLS certificate chains on
-      outgoing OR connections. Previously, each client or bridge
-      would use the same cert chain for all outgoing OR connections
-      for up to 24 hours, which allowed any relay that the client or
-      bridge contacted to determine which entry guards it is using.
-      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
+      outgoing OR connections. Previously, each client or bridge would
+      use the same cert chain for all outgoing OR connections until
+      its IP address changes, which allowed any relay that the client
+      or bridge contacted to determine which entry guards it is using.
+      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
       no longer considers that connection as suitable for satisfying a
       circuit EXTEND request. Now relays can protect clients from the

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits