Tor 0.2.3.13-alpha fixes a variety of stability and correctness bugs
in managed pluggable transports, as well as providing other cleanups
that get us closer to a release candidate.

https://www.torproject.org/download/download

(Packages coming eventually. Speaking of packages, deb.torproject.org
now offers Tor Debian packages for armel on sid, wheezy, squeeze, lucid,
natty, and oneiric; and for armhf on sid and wheezy.)

Changes in version 0.2.3.13-alpha - 2012-03-26
  o Directory authority changes:
    - Change IP address for maatuska (v3 directory authority).

  o Security fixes:
    - Provide controllers with a safer way to implement the cookie
      authentication mechanism. With the old method, if another locally
      running program could convince a controller that it was the Tor
      process, then that program could trick the controller into telling
      it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE"
      authentication method uses a challenge-response approach to prevent
      this attack. Fixes bug 5185, implements proposal 193.
    - Never use a bridge or a controller-supplied node as an exit, even
      if its exit policy allows it. Found by wanoskarnet. Fixes bug
      5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors)
      and 0.2.0.3-alpha (for bridge-purpose descriptors).
    - Only build circuits if we have a sufficient threshold of the total
      descriptors that are marked in the consensus with the "Exit"
      flag. This mitigates an attack proposed by wanoskarnet, in which
      all of a client's bridges collude to restrict the exit nodes that
      the client knows about. Fixes bug 5343.

  o Major bugfixes (on Tor 0.2.3.x):
    - Avoid an assert when managed proxies like obfsproxy are configured,
      and we receive HUP signals or setconf attempts too rapidly. This
      situation happens most commonly when Vidalia tries to attach to
      Tor or tries to configure the Tor it's attached to. Fixes bug 5084;
      bugfix on 0.2.3.6-alpha.
    - Fix a relay-side pluggable transports bug where managed proxies were
      unreachable from the Internet, because Tor asked them to bind on
      localhost. Fixes bug 4725; bugfix on 0.2.3.9-alpha.
    - Stop discarding command-line arguments when TestingTorNetwork
      is set. Discovered by Kevin Bauer. Fixes bug 5373; bugfix on
      0.2.3.9-alpha, where task 4552 added support for two layers of
      torrc files.
    - Resume allowing the unit tests to run in gdb. This was accidentally
      made impossible when the DisableDebuggerAttachment option was
      introduced. Fixes bug 5448; bugfix on 0.2.3.9-alpha.
    - Resume building with nat-pmp support. Fixes bug 4955; bugfix on
      0.2.3.11-alpha. Reported by Anthony G. Basile.

  o Minor bugfixes (on 0.2.2.x and earlier):
    - Ensure we don't cannibalize circuits that are longer than three hops
      already, so we don't end up making circuits with 5 or more
      hops. Patch contributed by wanoskarnet. Fixes bug 5231; bugfix on
      0.1.0.1-rc which introduced cannibalization.
    - Detect and reject certain misformed escape sequences in
      configuration values. Previously, these values would cause us
      to crash if received in a torrc file or over an authenticated
      control port. Bug found by Esteban Manchado Velázquez, and
      independently by Robert Connolly from Matta Consulting who further
      noted that it allows a post-authentication heap overflow. Patch
      by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668);
      bugfix on 0.2.0.16-alpha.
    - Fix a compile warning when using the --enable-openbsd-malloc
      configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc.
    - Directory caches no longer refuse to clean out descriptors because
      of missing v2 networkstatus documents, unless they're configured
      to retrieve v2 networkstatus documents. Fixes bug 4838; bugfix on
      0.2.2.26-beta. Patch by Daniel Bryg.
    - Update to the latest version of the tinytest unit testing framework.
      This includes a couple of bugfixes that can be relevant for
      running forked unit tests on Windows, and removes all reserved
      identifiers.

  o Minor bugfixes (on 0.2.3.x):
    - On a failed pipe() call, don't leak file descriptors. Fixes bug
      4296; bugfix on 0.2.3.1-alpha.
    - Spec conformance: on a v3 handshake, do not send a NETINFO cell
      until after we have received a CERTS cell. Fixes bug 4361; bugfix
      on 0.2.3.6-alpha. Patch by "frosty".
    - When binding to an IPv6 address, set the IPV6_V6ONLY socket
      option, so that the IP stack doesn't decide to use it for IPv4
      too. Fixes bug 4760; bugfix on 0.2.3.9-alpha.
    - Ensure that variables set in Tor's environment cannot override
      environment variables that Tor passes to a managed
      pluggable-transport proxy. Previously, Tor would pass every
      variable in its environment to managed proxies along with the new
      ones, in such a way that on many operating systems, the inherited
      environment variables would override those which Tor tried to
      explicitly set. Bugfix on 0.2.3.12-alpha for most Unixoid systems;
      bugfix on 0.2.3.9-alpha for Windows.

  o Minor features:
    - A wide variety of new unit tests by Esteban Manchado Velázquez.
    - Shorten links in the tor-exit-notice file. Patch by Christian Kujau.
    - Update to the March 6 2012 Maxmind GeoLite Country database.
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
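The SAFECOOKIE challenge-response described in the security fixes above, sketched as an added example that is not part of the original announcement and is not Tor's own code. The HMAC-SHA256 construction and key strings follow the Tor control protocol specification (proposal 193); the function names and the sample cookie are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

# HMAC keys fixed by the control protocol for the two directions.
SERVER_KEY = b"Tor safe cookie authentication server-to-controller hash"
CLIENT_KEY = b"Tor safe cookie authentication controller-to-server hash"


def _mac(key, cookie, client_nonce, server_nonce):
    msg = cookie + client_nonce + server_nonce
    return hmac.new(key, msg, hashlib.sha256).digest()


def server_reply(cookie, client_nonce, server_nonce=None):
    """AUTHCHALLENGE reply from a process that holds `cookie`."""
    server_nonce = server_nonce or os.urandom(32)
    return _mac(SERVER_KEY, cookie, client_nonce, server_nonce), server_nonce


def controller_response(cookie, client_nonce, server_hash, server_nonce):
    """Return the ClientHash for AUTHENTICATE, or None to abort.

    The controller never sends the file contents. It sends only an HMAC,
    and only after the peer has proved that it already knows the cookie.
    """
    if len(cookie) != 32:  # a cookie file is exactly 32 bytes
        return None
    expected = _mac(SERVER_KEY, cookie, client_nonce, server_nonce)
    if not hmac.compare_digest(expected, server_hash):
        return None  # peer does not know the cookie: disclose nothing
    return _mac(CLIENT_KEY, cookie, client_nonce, server_nonce)


def demo():
    cookie = bytes(range(32))  # constructed sample cookie
    client_nonce = os.urandom(32)
    # Genuine Tor process: knows the cookie, so its ServerHash verifies.
    s_hash, s_nonce = server_reply(cookie, client_nonce)
    genuine = controller_response(cookie, client_nonce, s_hash, s_nonce)
    # Local impostor: has to guess the cookie, so its ServerHash fails.
    f_hash, f_nonce = server_reply(b"\x00" * 32, client_nonce)
    impostor = controller_response(cookie, client_nonce, f_hash, f_nonce)
    return genuine, impostor


if __name__ == "__main__":
    print(demo())
```
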