Copy 0.2.1.32 changelog entry into releasenotes

1 files changed, 23 insertions, 0 deletions

diff --git a/ReleaseNotes b/ReleaseNotes
index e3de631464..6a538e5e22 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -3,6 +3,29 @@ This document summarizes new features and bugfixes in each stable release
 of Tor. If you want to see more detailed descriptions of the changes in
 each development snapshot, see the ChangeLog file.
 
+Changes in version 0.2.1.32 - 2011-12-16
+  Tor 0.2.1.32 backports important security and privacy fixes for
+  oldstable. This release is intended only for package maintainers and
+  others who cannot use the 0.2.2 stable series. All others should be
+  using Tor 0.2.2.x or newer.
+
+  The Tor 0.2.1.x series will reach formal end-of-life some time in
+  early 2012, when we will stop releasing patches for it.
+
+  o Major bugfixes (also included in 0.2.2.x):
+    - Correctly sanity-check that we don't underflow on a memory
+      allocation (and then assert) for hidden service introduction
+      point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410;
+      bugfix on 0.2.1.5-alpha.
+    - Fix a heap overflow bug that could occur when trying to pull
+      data into the first chunk of a buffer, when that chunk had
+      already had some data drained from it. Fixes CVE-2011-2778;
+      bugfix on 0.2.0.16-alpha. Reported by "Vektor".
+
+  o Minor features:
+    - Update to the December 6 2011 Maxmind GeoLite Country database.
+
+
 Changes in version 0.2.1.31 - 2011-10-26
   Tor 0.2.1.31 backports important security and privacy fixes for
   oldstable. This release is intended only for package maintainers and