[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/release-0.3.1] Finish changelog and release notes for 0.3.1.7
commit 9d35ddf110dc1737af4f12c4135a03cb7ac3c85d
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Mon Sep 18 09:50:05 2017 -0400
Finish changelog and release notes for 0.3.1.7
---
ChangeLog | 20 +++++++++++++++-----
ReleaseNotes | 20 +++++++++++++++-----
changes/bug23533 | 4 ----
changes/trove-2017-008 | 5 -----
4 files changed, 30 insertions(+), 19 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 282cb3e8d..0c8c0d310 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,11 +9,10 @@ Changes in version 0.3.1.7 - 2017-09-18
small features, bugfixes on earlier release series, and groundwork for
the hidden services revamp of 0.3.2.
- Per our stable release policy, we plan to support the Tor 0.3.0
- release series for at least the next nine months, or for three months
- after the first stable release of the 0.3.1 series: whichever is
- longer. If you need a release with long-term support, we recommend
- that you stay with the 0.2.9 series.
+ This release also includes a fix for TROVE-2017-008, a security bug
+ that affects hidden services running with the SafeLogging option
+ disabled. For more information, see
+ https://trac.torproject.org/projects/tor/ticket/23490
Per our stable release policy, we plan to support each stable release
series for at least the next nine months, or for three months after
@@ -24,6 +23,12 @@ Changes in version 0.3.1.7 - 2017-09-18
Below is a list of the changes since 0.3.1.6-rc. For a list of all
changes since 0.3.0, see the ReleaseNotes file.
+ o Major bugfixes (security, hidden services, loggging):
+ - Fix a bug where we could log uninitialized stack when a certain
+ hidden service error occurred while SafeLogging was disabled.
+ Fixes bug #23490; bugfix on 0.2.7.2-alpha. This is also tracked as
+ TROVE-2017-008 and CVE-2017-0380.
+
o Minor features (defensive programming):
- Create a pair of consensus parameters, nf_pad_tor2web and
nf_pad_single_onion, to disable netflow padding in the consensus
@@ -49,6 +54,11 @@ Changes in version 0.3.1.7 - 2017-09-18
- Do not crash when receiving a POSTDESCRIPTOR command with an empty
body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
+ o Minor bugfixes (relay):
+ - Inform the geoip and rephist modules about all requests, even on
+ relays that are only fetching microdescriptors. Fixes a bug
+ related to 21585; bugfix on 0.3.0.1-alpha.
+
o Minor bugfixes (unit tests):
- Fix a channelpadding unit test failure on slow systems by using
mocked time instead of actual time. Fixes bug 23077; bugfix
diff --git a/ReleaseNotes b/ReleaseNotes
index 8328b63c1..e8a9f3b41 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -13,11 +13,10 @@ Changes in version 0.3.1.7 - 2017-09-18
small features, bugfixes on earlier release series, and groundwork for
the hidden services revamp of 0.3.2.
- Per our stable release policy, we plan to support the Tor 0.3.0
- release series for at least the next nine months, or for three months
- after the first stable release of the 0.3.1 series: whichever is
- longer. If you need a release with long-term support, we recommend
- that you stay with the 0.2.9 series.
+ This release also includes a fix for TROVE-2017-008, a security bug
+ that affects hidden services running with the SafeLogging option
+ disabled. For more information, see
+ https://trac.torproject.org/projects/tor/ticket/23490
Per our stable release policy, we plan to support each stable release
series for at least the next nine months, or for three months after
@@ -32,6 +31,12 @@ Changes in version 0.3.1.7 - 2017-09-18
- To build with zstd and lzma support, Tor now requires the
pkg-config tool at build time.
+ o Major bugfixes (security, hidden services, loggging):
+ - Fix a bug where we could log uninitialized stack when a certain
+ hidden service error occurred while SafeLogging was disabled.
+ Fixes bug #23490; bugfix on 0.2.7.2-alpha.
+ This is also tracked as TROVE-2017-008 and CVE-2017-0380.
+
o Major features (build system, continuous integration):
- Tor's repository now includes a Travis Continuous Integration (CI)
configuration file (.travis.yml). This is meant to help new
@@ -515,6 +520,11 @@ Changes in version 0.3.1.7 - 2017-09-18
and are not relevant to the operator. Fixes bug 23078; bugfix on
0.3.0.1-alpha and 0.3.0.2-alpha.
+ o Minor bugfixes (relay):
+ - Inform the geoip and rephist modules about all requests, even on
+ relays that are only fetching microdescriptors. Fixes a bug
+ related to 21585; bugfix on 0.3.0.1-alpha.
+
o Minor bugfixes (memory leaks):
- Fix a small memory leak at exit from the backtrace handler code.
Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto.
diff --git a/changes/bug23533 b/changes/bug23533
deleted file mode 100644
index b5bfdc0ce..000000000
--- a/changes/bug23533
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (relay):
- - Inform the geoip and rephist modules about all requests, even
- on relays that are only fetching microdescriptors. Fixes a bug related
- to 21585; bugfix on 0.3.0.1-alpha.
diff --git a/changes/trove-2017-008 b/changes/trove-2017-008
deleted file mode 100644
index 4b9c5b0a1..000000000
--- a/changes/trove-2017-008
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (security, hidden services, loggging):
- - Fix a bug where we could log uninitialized stack when a certain
- hidden service error occurred while SafeLogging was disabled.
- Fixes bug #23490; bugfix on 0.2.7.2-alpha.
- This is also tracked as TROVE-2017-008 and CVE-2017-0380.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits