Hi, On 2012.10/26, Roger Dingledine wrote: > Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix > two important security vulnerabilities that could lead to remotely > triggerable relay crashes, fix a major bug that was preventing clients > from choosing suitable exit nodes, and refactor some of our code. Thanks for the heads up! I'm one of those relays that run bleeding edge. It's nice to see that debian/tor got updated at the same time as the mair tor repo. In the past it seems to get behing by a few days. I've standardized on installing tor only from a .deb file on the Ubuntu box. So a delay in updating debian/tor delays rolling out the updating code on the relay. Keep up the good work everyone. All the best, RgC > > https://www.torproject.org/dist/ > > Changes in version 0.2.4.5-alpha - 2012-10-25 > o Major bugfixes (security, also in 0.2.3.24-rc): > - Fix a group of remotely triggerable assertion failures related to > incorrect link protocol negotiation. Found, diagnosed, and fixed > by "some guy from France". Fix for CVE-2012-2250; bugfix on > 0.2.3.6-alpha. > - Fix a denial of service attack by which any directory authority > could crash all the others, or by which a single v2 directory > authority could crash everybody downloading v2 directory > information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. > > o Major bugfixes (also in 0.2.3.24-rc): > - When parsing exit policy summaries from microdescriptors, we had > previously been ignoring the last character in each one, so that > "accept 80,443,8080" would be treated by clients as indicating > a node that allows access to ports 80, 443, and 808. That would > lead to clients attempting connections that could never work, > and ignoring exit nodes that would support their connections. Now > clients parse these exit policy summaries correctly. Fixes bug 7192; > bugfix on 0.2.3.1-alpha. > > o Minor bugfixes (also in 0.2.3.24-rc): > - Clients now consider the ClientRejectInternalAddresses config option > when using a microdescriptor consensus stanza to decide whether > an exit relay would allow exiting to an internal address. Fixes > bug 7190; bugfix on 0.2.3.1-alpha. > > o Minor bugfixes: > - Only disable TLS session ticket support when running as a TLS > server. Now clients will blend better with regular Firefox > connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc. > > o Code simplification and refactoring: > - Start using OpenBSD's implementation of queue.h (originally by > Niels Provos). > - Move the entry node code from circuitbuild.c to its own file. > - Move the circuit build timeout tracking code from circuitbuild.c > to its own file. > > _______________________________________________ > tor-talk mailing list > tor-talk@xxxxxxxxxxxxxxxxxxxx > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Attachment:
pgp0k3XIciqdh.pgp
Description: PGP signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk