Tor 0.2.3.21-rc is the fourth release candidate for the Tor 0.2.3.x series. It fixes a trio of potential security bugs, fixes a bug where we were leaving some of the fast relays out of the microdescriptor consensus, resumes interpreting "ORPort 0" and "DirPort 0" correctly, and cleans up other smaller issues. https://www.torproject.org/download/download (Packages coming eventually.) Changes in version 0.2.3.21-rc - 2012-09-05 o Major bugfixes (security): - Tear down the circuit if we get an unexpected SENDME cell. Clients could use this trick to make their circuits receive cells faster than our flow control would have allowed, or to gum up the network, or possibly to do targeted memory denial-of-service attacks on entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor -- from July 2002, before the release of Tor 0.0.0. We had committed this patch previously, but we had to revert it because of bug 6271. Now that 6271 is fixed, this patch appears to work. - Reject any attempt to extend to an internal address. Without this fix, a router could be used to probe addresses on an internal network to see whether they were accepting connections. Fixes bug 6710; bugfix on 0.0.8pre1. - Do not crash when comparing an address with port value 0 to an address policy. This bug could have been used to cause a remote assertion failure by or against directory authorities, or to allow some applications to crash clients. Fixes bug 6690; bugfix on 0.2.1.10-alpha. o Major bugfixes: - Remove the upper bound on microdescriptor length. We were hitting the limit for routers with complex exit policies or family declarations, causing clients to not use them. Fixes the first piece of bug 6404; fix on 0.2.2.6-alpha. - Detect "ORPort 0" as meaning, uniformly, that we're not running as a relay. Previously, some of our code would treat the presence of any ORPort line as meaning that we should act like a relay, even though our new listener code would correctly not open any ORPorts for ORPort 0. Similar bugs in other Port options are also fixed. Fixes the first half of bug 6507; bugfix on 0.2.3.3-alpha. o Minor bugfixes: - Avoid a pair of double-free and use-after-mark bugs that can occur with certain timings in canceled and re-received DNS requests. Fixes bug 6472; bugfix on 0.0.7rc1. - Fix build and 64-bit compile warnings from --enable-openbsd-malloc. Fixes bug 6379. Bugfix on 0.2.0.20-rc. - Allow one-hop directory fetching circuits the full "circuit build timeout" period, rather than just half of it, before failing them and marking the relay down. This fix should help reduce cases where clients declare relays (or worse, bridges) unreachable because the TLS handshake takes a few seconds to complete. Fixes bug 6743; bugfix on 0.2.2.2-alpha, where we changed the timeout from a static 30 seconds. - Authorities no longer include any router in their microdescriptor consensuses for which they couldn't generate or agree on a microdescriptor. Fixes the second piece of bug 6404; fix on 0.2.2.6-alpha. - Detect and reject attempts to specify both "FooPort" and "FooPort 0" in the same configuration domain. (It's still okay to have a FooPort in your configuration file, and use "FooPort 0" on the command line to disable it.) Fixes the second half of bug 6507; bugfix on 0.2.3.3-alpha. - Make wildcarded addresses (that is, ones beginning with "*.") work when provided via the controller's MapAddress command. Previously, they were accepted, but we never actually noticed that they were wildcards. Fixes bug 6244; bugfix on 0.2.3.9-alpha. - Avoid crashing on a malformed state file where EntryGuardPathBias precedes EntryGuard. Fixes bug 6774; bugfix on 0.2.3.17-beta. - Add a (probably redundant) memory clear between iterations of the router status voting loop, to prevent future coding errors where data might leak between iterations of the loop. Resolves ticket 6514. o Minor bugfixes (log messages): - Downgrade "set buildtimeout to low value" messages to "info" severity; they were never an actual problem, there was never anything reasonable to do about them, and they tended to spam logs from time to time. Fixes bug 6251; bugfix on 0.2.2.2-alpha. - Downgrade path-bias warning messages to "info". We'll try to get them working better in 0.2.4. Add internal circuit construction state to protect against the noisy warn message "Unexpectedly high circuit_successes". Also add some additional rate-limited notice messages to help determine the root cause of the warn. Fixes bug 6475. Bugfix against 0.2.3.17-beta. - Move log message when unable to find a microdesc in a routerstatus entry to parse time. Previously we'd spam this warning every time we tried to figure out which microdescriptors to download. Fixes the third piece of bug 6404; fix on 0.2.3.18-rc. o Minor features: - Consider new, removed or changed IPv6 OR ports a non-cosmetic change when the authority is deciding whether to accept a newly uploaded descriptor. Implements ticket 6423. - Add missing documentation for consensus and microdesc files. Resolves ticket 6732.
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk