[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r9128: forward-port the 0.1.1.26 changelog, plus some other entries (tor/trunk)
- To: or-cvs@xxxxxxxxxxxxx
- Subject: [or-cvs] r9128: forward-port the 0.1.1.26 changelog, plus some other entries (tor/trunk)
- From: arma@xxxxxxxx
- Date: Fri, 15 Dec 2006 14:56:56 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Fri, 15 Dec 2006 14:57:03 -0500
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: arma
Date: 2006-12-15 14:56:56 -0500 (Fri, 15 Dec 2006)
New Revision: 9128
Modified:
tor/trunk/ChangeLog
Log:
forward-port the 0.1.1.26 changelog, plus some other entries
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2006-12-15 19:53:56 UTC (rev 9127)
+++ tor/trunk/ChangeLog 2006-12-15 19:56:56 UTC (rev 9128)
@@ -15,6 +15,18 @@
support.
- Make PIDFile work on Windows (untested).
+ o Security bugfixes:
+ - Stop sending the HttpProxyAuthenticator string to directory
+ servers when directory connections are tunnelled through Tor.
+ - Clients no longer store bandwidth history in the state file.
+ - Do not log introduction points for hidden services if SafeLogging
+ is set.
+ - When generating bandwidth history, round down to the nearest
+ 1k. When storing accounting data, round up to the nearest 1k.
+ - When we're running as a server, remember when we last rotated onion
+ keys, so that we will rotate keys once they're a week old even if
+ we never stay up for a week ourselves.
+
o Major bugfixes:
- Fix a longstanding bug in eventdns that prevented the count of
timed-out resolves from ever being reset. This bug caused us to
@@ -35,18 +47,6 @@
to resolve an address at a given exit node even when they ask for
it by name.
- o Security bugfixes:
- - Do not log introduction points for hidden services if SafeLogging
- is set.
- - Clients do not store bandwidth history in their state files. (This
- shouldn't be an exploitable security issue, but it's better to be
- safe.)
- - When generating bandwidth history, round down to the nearest
- 1k. When storing accounting data, round up to the nearest 1k.
- - When we're running as a server, remember when we last rotated onion
- keys, so that we will rotate keys once they're a week old even if we
- never stay up for a week ourselves. (Bug 368.)
-
o Controller features:
- Have GETINFO dir/status/* work on hosts with DirPort disabled.
- Reimplement GETINFO so that info/names stays in sync with the
@@ -57,7 +57,6 @@
reported by Mike Perry.)
- Do not report bizarre values for results of accounting GETINFOs
when the last second's write or read exceeds the alloted bandwidth.
- (Bug 329.)
Changes in version 0.1.2.4-alpha - 2006-12-03
@@ -490,6 +489,20 @@
goes) have predicted what we plan to respond to them.
+Changes in version 0.1.1.26 - 2006-12-14
+ o Security bugfixes:
+ - Stop sending the HttpProxyAuthenticator string to directory
+ servers when directory connections are tunnelled through Tor.
+ - Clients no longer store bandwidth history in the state file.
+ - Do not log introduction points for hidden services if SafeLogging
+ is set.
+
+ o Minor bugfixes:
+ - Fix an assert failure when a directory authority sets
+ AuthDirRejectUnlisted and then receives a descriptor from an
+ unlisted router (reported by seeess).
+
+
Changes in version 0.1.1.25 - 2006-11-04
o Major bugfixes:
- When a client asks us to resolve (rather than connect to)