[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor 0.2.7.4-rc is released
Great news. Will somebody compile a package for Win32? I'd like to help test this on my relay.
> Date: Thu, 22 Oct 2015 09:17:49 -0400
> From: nickm@xxxxxxxxxxxxxx
> To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> Subject: [tor-talk] Tor 0.2.7.4-rc is released
> Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It
> fixes some important memory leaks, and a scary-looking (but mostly
> harmless in practice) invalid-read bug. It also has a few small
> bugfixes, notably fixes for compilation and portability on different
> platforms. If no further significant bounds are found, the next
> release will the the official stable release.
> You can download the source from the usual place on the website.
> Packages should be up in a few days.
> NOTE: This is a release candidate. We think we've squashed most of
> the bugs, but there are probably a few left over.
> Changes in version 0.2.7.4-rc - 2015-10-21
> o Major bugfixes (security, correctness):
> - Fix an error that could cause us to read 4 bytes before the
> beginning of an openssl string. This bug could be used to cause
> Tor to crash on systems with unusual malloc implementations, or
> systems with unusual hardening installed. Fixes bug 17404; bugfix
> on 0.2.3.6-alpha.
> o Major bugfixes (correctness):
> - Fix a use-after-free bug in validate_intro_point_failure(). Fixes
> bug 17401; bugfix on 0.2.7.3-rc.
> o Major bugfixes (memory leaks):
> - Fix a memory leak in ed25519 batch signature checking. Fixes bug
> 17398; bugfix on 0.2.6.1-alpha.
> - Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug
> 17402; bugfix on 0.2.7.3-rc.
> - Fix a memory leak when reading an expired signing key from disk.
> Fixes bug 17403; bugfix on 0.2.7.2-rc.
> o Minor features (geoIP):
> - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
> Country database.
> o Minor bugfixes (compilation):
> - Repair compilation with the most recent (unreleased, alpha)
> vesions of OpenSSL 1.1. Fixes part of ticket 17237.
> - Fix an integer overflow warning in test_crypto_slow.c. Fixes bug
> 17251; bugfix on 0.2.7.2-alpha.
> - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
> bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
> o Minor bugfixes (portability):
> - Use libexecinfo on FreeBSD to enable backtrace support. Fixes
> part of bug 17151; bugfix on 0.2.5.2-alpha. Patch from
> Marcin Cieślak.
> o Minor bugfixes (sandbox):
> - Add the "hidserv-stats" filename to our sandbox filter for the
> HiddenServiceStatistics option to work properly. Fixes bug 17354;
> bugfix on tor-0.2.6.2-alpha. Patch from David Goulet.
> o Minor bugfixes (testing):
> - Add unit tests for get_interface_address* failure cases. Fixes bug
> 17173; bugfix on 0.2.7.3-rc. Patch by fk/teor.
> - Fix breakage when running 'make check' with BSD make. Fixes bug
> 17154; bugfix on 0.2.7.3-rc. Patch by Marcin Cieślak.
> - Make the get_ifaddrs_* unit tests more tolerant of different
> network configurations. (Don't assume every test box has an IPv4
> address, and don't assume every test box has a non-localhost
> address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor".
> - Skip backtrace tests when backtrace support is not compiled in.
> Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from
> Marcin Cieślak.
> o Documentation:
> - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
> - Note that HiddenServicePorts can take a unix domain socket. Closes
> ticket 17364.
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to