[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/release-0.2.4] Sort changelog in release-0.2.4



commit e9d45f63aa12073f95ffe4c2e1375f581c204ff3
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Tue Feb 28 10:11:31 2017 -0500

    Sort changelog in release-0.2.4
---
 ChangeLog | 108 +++++++++++++++++++++++++++++++-------------------------------
 1 file changed, 54 insertions(+), 54 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 24fc0e6..68e9982 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,60 +20,6 @@ Changes in version 0.2.4.28 - 2017-03-??
       it was changed on 18 November 2015. Closes task 17906. Patch
       by "teor".
 
-  o Minor features (DoS-resistance, backport from 0.2.7.1-alpha):
-    - Make it harder for attackers to overload hidden services with
-      introductions, by blocking multiple introduction requests on the
-      same circuit. Resolves ticket 15515.
-
-  o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
-    - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
-      a client authorized hidden service. Fixes bug 15823; bugfix
-      on 0.2.1.6-alpha.
-
-  o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
-    - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
-      bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
-
-  o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
-    - Make Tor survive errors involving connections without a
-      corresponding event object. Previously we'd fail with an
-      assertion; now we produce a log message. Related to bug 16248.
-
-  o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
-    - Fix an error that could cause us to read 4 bytes before the
-      beginning of an openssl string. This bug could be used to cause
-      Tor to crash on systems with unusual malloc implementations, or
-      systems with unusual hardening installed. Fixes bug 17404; bugfix
-      on 0.2.3.6-alpha.
-
-  o Major bugfixes (guard selection, backport from 0.2.7.6):
-    - Actually look at the Guard flag when selecting a new directory
-      guard. When we implemented the directory guard design, we
-      accidentally started treating all relays as if they have the Guard
-      flag during guard selection, leading to weaker anonymity and worse
-      performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
-      by Mohsen Imani.
-
-  o Minor bugfixes (compilation, backport from 0.2.7.6)
-    - Fix a compilation warning with Clang 3.6: Do not check the
-      presence of an address which can never be NULL. Fixes bug 17781.
-
-  o Minor features (geoip):
-    - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
-      Country database.
-
-  o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
-    - Make memwipe() do nothing when passed a NULL pointer or buffer of
-      zero size. Check size argument to memwipe() for underflow. Fixes
-      bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
-      patch by "teor".
-
-  o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
-    - Avoid a difficult-to-trigger heap corruption attack when extending
-      a smartlist to contain over 16GB of pointers. Fixes bug 18162;
-      bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
-      Reported by Guido Vranken.
-
   o Major features (security fixes, backport from 0.2.9.4-alpha):
     - Prevent a class of security bugs caused by treating the contents
       of a buffer chunk as if they were a NUL-terminated string. At
@@ -94,6 +40,31 @@ Changes in version 0.2.4.28 - 2017-03-??
       0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
       2016-12-002 and as CVE-2016-1254.
 
+  o Major bugfixes (security, correctness, backport from 0.2.7.4-rc):
+    - Fix an error that could cause us to read 4 bytes before the
+      beginning of an openssl string. This bug could be used to cause
+      Tor to crash on systems with unusual malloc implementations, or
+      systems with unusual hardening installed. Fixes bug 17404; bugfix
+      on 0.2.3.6-alpha.
+
+  o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha):
+    - Avoid a difficult-to-trigger heap corruption attack when extending
+      a smartlist to contain over 16GB of pointers. Fixes bug 18162;
+      bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely.
+      Reported by Guido Vranken.
+
+  o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha):
+    - Avoid crashing when running as a DNS proxy. Fixes bug 16248;
+      bugfix on 0.2.0.1-alpha. Patch from "cypherpunks".
+
+  o Major bugfixes (guard selection, backport from 0.2.7.6):
+    - Actually look at the Guard flag when selecting a new directory
+      guard. When we implemented the directory guard design, we
+      accidentally started treating all relays as if they have the Guard
+      flag during guard selection, leading to weaker anonymity and worse
+      performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
+      by Mohsen Imani.
+
   o Major bugfixes (key management, backport from 0.2.8.3-alpha):
     - If OpenSSL fails to generate an RSA key, do not retain a dangling
       pointer to the previous (uninitialized) key value. The impact here
@@ -111,6 +82,35 @@ Changes in version 0.2.4.28 - 2017-03-??
       it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
       on 0.0.8pre1. Found by OSS-Fuzz.
 
+  o Minor features (security, memory erasure, backport from 0.2.8.1-alpha):
+    - Make memwipe() do nothing when passed a NULL pointer or buffer of
+      zero size. Check size argument to memwipe() for underflow. Fixes
+      bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk",
+      patch by "teor".
+
+  o Minor features (bug-resistance, backport from 0.2.8.2-alpha):
+    - Make Tor survive errors involving connections without a
+      corresponding event object. Previously we'd fail with an
+      assertion; now we produce a log message. Related to bug 16248.
+
+  o Minor features (DoS-resistance, backport from 0.2.7.1-alpha):
+    - Make it harder for attackers to overload hidden services with
+      introductions, by blocking multiple introduction requests on the
+      same circuit. Resolves ticket 15515.
+
+  o Minor features (geoip):
+    - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
+      Country database.
+
+  o Minor bugfixes (compilation, backport from 0.2.7.6):
+    - Fix a compilation warning with Clang 3.6: Do not check the
+      presence of an address which can never be NULL. Fixes bug 17781.
+
+  o Minor bugfixes (hidden service, backport from 0.2.7.1-alpha):
+    - Fix an out-of-bounds read when parsing invalid INTRODUCE2 cells on
+      a client authorized hidden service. Fixes bug 15823; bugfix
+      on 0.2.1.6-alpha.
+
 
 Changes in version 0.2.4.27 - 2015-04-06
   Tor 0.2.4.27 backports two fixes from 0.2.6.7 for security issues that

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits