[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/release-0.2.9] start on the 0.2.9.11 changelog
commit 5d34df50f821839399faf82ccfd80b8b51b2fa30
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Thu Jun 8 09:03:38 2017 -0400
start on the 0.2.9.11 changelog
---
ChangeLog | 66 +++++++++++++++++++++++++++++++++++++++++++++++++
changes/bug20509 | 5 ----
changes/bug21943 | 6 -----
changes/bug22034 | 4 ---
changes/bug22370 | 4 ---
changes/bug22460_case2 | 8 ------
changes/bug22490 | 3 ---
changes/geoip-april2017 | 4 ---
changes/geoip-march2017 | 4 ---
changes/geoip-may2017 | 4 ---
changes/prop275-minimal | 9 -------
changes/ticket21564 | 6 -----
12 files changed, 66 insertions(+), 57 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 203a213..0d75b31 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,69 @@
+Changes in version 0.2.9.11 - 2017-06-08
+ Tor 0.2.9.11 fixes a pair of bugs that would allow an attacker to
+ remotely crash a hidden service with an assertion failure. Anyone
+ running a hidden service should upgrade to this version, or to some
+ other version with fixes for TROVE-2017-004 and TROVE-2017-005.
+
+ Tor 0.2.9.11 also backports fixes for several key management bugs
+ that sometimes made relays unreliable, as well as several other
+ bugfixes described below.
+
+ o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
+ - When performing the v3 link handshake on a TLS connection, report
+ that we have the x509 certificate that we actually used on that
+ connection, even if we have changed certificates since that
+ connection was first opened. Previously, we would claim to have
+ used our most recent x509 link certificate, which would sometimes
+ make the link handshake fail. Fixes one case of bug 22460; bugfix
+ on 0.2.3.6-alpha.
+
+ o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
+ - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
+ December 2016 (of which ~126 were still functional) with a list of
+ 151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
+ 2017. Resolves ticket 21564.
+
+ o Minor features (future-proofing, backport from 0.3.0.7):
+ - Tor no longer refuses to download microdescriptors or descriptors if
+ they are listed as "published in the future". This change will
+ eventually allow us to stop listing meaningful "published" dates
+ in microdescriptor consensuses, and thereby allow us to reduce the
+ resources required to download consensus diffs by over 50%.
+ Implements part of ticket 21642; implements part of proposal 275.
+
+ o Minor features (directory authorities, backport from 0.3.0.4-rc)
+ - Directory authorities now reject relays running versions
+ 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
+ suffer from bug 20499 and don't keep their consensus cache
+ up-to-date. Resolves ticket 20509.
+
+ o Minor features (geoip):
+ - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
+ Country database.
+
+ o Minor bugfixes (control port, backport from 0.3.0.6):
+ - The GETINFO extra-info/digest/<digest> command was broken because
+ of a wrong base16 decode return value check, introduced when
+ refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha.
+
+ o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
+ - Avoid undefined behavior when parsing IPv6 entries from the geoip6
+ file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
+
+ o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.0.7):
+ - The getpid() system call is now permitted under the Linux seccomp2
+ sandbox, to avoid crashing with versions of OpenSSL (and other
+ libraries) that attempt to learn the process's PID by using the
+ syscall rather than the VDSO code. Fixes bug 21943; bugfix
+ on 0.2.5.1-alpha.
+
+ o Minor bugfixes (memory leak, directory authority, backport
+ from 0.3.1.2-alpha):
+ - When directory authorities reject a router descriptor due to
+ keypinning, free the router descriptor rather than leaking the
+ memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
+
+
Changes in version 0.2.9.10 - 2017-03-01
Tor 0.2.9.10 backports a security fix for users who build Tor with
the --enable-expensive-hardening option. It also includes fixes for
diff --git a/changes/bug20509 b/changes/bug20509
deleted file mode 100644
index a39ca9f..0000000
--- a/changes/bug20509
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features:
- - Directory authorities now reject relays running versions
- 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
- suffer from bug 20499 and don't keep their consensus cache
- up-to-date. Resolves ticket 20509.
diff --git a/changes/bug21943 b/changes/bug21943
deleted file mode 100644
index dbe2c72..0000000
--- a/changes/bug21943
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (Linux seccomp2 sandbox):
- - The getpid() system call is now permitted under the Linux seccomp2
- sandbox, to avoid crashing with versions of OpenSSL (and other
- libraries) that attempt to learn the process's PID by using the
- syscall rather than the VDSO code. Fixes bug 21943; bugfix on
- 0.2.5.1-alpha.
diff --git a/changes/bug22034 b/changes/bug22034
deleted file mode 100644
index 6d9e188..0000000
--- a/changes/bug22034
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (control port, regression):
- - The GETINFO extra-info/digest/<digest> command was broken because of a
- wrong base16 decode return value check. In was introduced in a refactor
- of that API. Fixex bug #22034; bugfix on tor-0.2.9.1-alpha.
diff --git a/changes/bug22370 b/changes/bug22370
deleted file mode 100644
index e0e87e3..0000000
--- a/changes/bug22370
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (memory handling):
- - When directory authorities reject a router descriptor due to keypinning,
- free the router descriptor rather than leaking the memory.
- Fixes bug 22370; bugfix on 0.2.7.2-alpha.
diff --git a/changes/bug22460_case2 b/changes/bug22460_case2
deleted file mode 100644
index 0a11759..0000000
--- a/changes/bug22460_case2
+++ /dev/null
@@ -1,8 +0,0 @@
- o Major bugfixes (relay, link handshake):
-
- - When performing the v3 link handshake on a TLS connection, report that
- we have the x509 certificate that we actually used on that connection,
- even if we have changed certificates since that connection was first
- opened. Previously, we would claim to have used our most recent x509
- link certificate, which would sometimes make the link handshake fail.
- Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha.
diff --git a/changes/bug22490 b/changes/bug22490
deleted file mode 100644
index 244dd50..0000000
--- a/changes/bug22490
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (correctness):
- - Avoid undefined behavior when parsing IPv6 entries from the geoip6
- file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
diff --git a/changes/geoip-april2017 b/changes/geoip-april2017
deleted file mode 100644
index b489eaf..0000000
--- a/changes/geoip-april2017
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2
- Country database.
-
diff --git a/changes/geoip-march2017 b/changes/geoip-march2017
deleted file mode 100644
index 6dc92ba..0000000
--- a/changes/geoip-march2017
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2
- Country database.
-
diff --git a/changes/geoip-may2017 b/changes/geoip-may2017
deleted file mode 100644
index 4e504d7..0000000
--- a/changes/geoip-may2017
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features:
- - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
- Country database.
-
diff --git a/changes/prop275-minimal b/changes/prop275-minimal
deleted file mode 100644
index 83d42f8..0000000
--- a/changes/prop275-minimal
+++ /dev/null
@@ -1,9 +0,0 @@
- o Minor features (future-proofing):
-
- - Tor no longer refuses to download microdescriptors or descriptors if
- they are listed as "published in the future". This change will
- eventually allow us to stop listing meaningful "published" dates
- in microdescriptor consensuses, and thereby allow us to reduce the
- resources required to download consensus diffs by over 50%.
- Implements part of ticket 21642; implements part of proposal 275.
-
diff --git a/changes/ticket21564 b/changes/ticket21564
deleted file mode 100644
index 7e01f41..0000000
--- a/changes/ticket21564
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (fallback directory list):
- - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
- December 2016 (of which ~126 were still functional), with a list of
- 151 fallbacks (32 new, 119 existing, 58 removed) generated in
- May 2017.
- Resolves ticket 21564.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits