author | Roger Dingledine <arma@torproject.org> | 2011-01-15 19:43:34 -0500 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2011-01-15 19:43:34 -0500 |
commit | 2cb9ed2cd3e39b9a8a065b4c49747d121e4914fc (patch) | |
tree | b6aa5734e5779e6568881fd1f7c94a525a6cc3aa | |
parent | 9be473b82f9a4eb4664ec67e10c5b48bf4a4890c (diff) | |
download | tor-2cb9ed2cd3e39b9a8a065b4c49747d121e4914fc.tar.gz tor-2cb9ed2cd3e39b9a8a065b4c49747d121e4914fc.zip |
final changelog cleanup. it'll do.
-rw-r--r-- | ChangeLog | 26 |
1 files changed, 14 insertions, 12 deletions
@@ -1,8 +1,8 @@ Changes in version 0.2.1.29 - 2011-01-15 Tor 0.2.1.29 continues our recent code security audit work. The main fix resolves a remote heap overflow vulnerability that can allow remote - code execution (CVE-2011-0427). Other fixes address a variety of assert - and crash bugs, most of which we think are hard to exploit remotely. + code execution. Other fixes address a variety of assert and crash bugs, + most of which we think are hard to exploit remotely. o Major bugfixes (security): - Fix a heap overflow bug where an adversary could cause heap @@ -11,10 +11,12 @@ Changes in version 0.2.1.29 - 2011-01-15 0.1.2.10-rc. - Prevent a denial-of-service attack by disallowing any zlib-compressed data whose compression factor is implausibly - high. Fixes part of bug 2324; reported by "doors". - - Zero out a few more keys in memory before freeing them. Fixes bug - 2384 and part of bug 2385. These key instances found by - "cypherpunks". Bugfix on 0.0.2pre9. + high. Fixes part of bug 2324; reported by "doorss". + - Zero out a few more keys in memory before freeing them. Fixes + bug 2384 and part of bug 2385. These key instances found by + "cypherpunks", based on Andrew Case's report about being able + to find sensitive data in Tor's memory space if you have enough + permissions. Bugfix on 0.0.2pre9. o Major bugfixes (crashes): - Prevent calls to Libevent from inside Libevent log handlers. 
@@ -26,11 +28,11 @@ Changes in version 0.2.1.29 - 2011-01-15 underflow errors there too. Fixes the other part of bug 2324. - Fix a bug where we would assert if we ever had a cached-descriptors.new file (or another file read directly into - memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes - bug 2326; bugfix on 0.2.1.25. + memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix + on 0.2.1.25. Found by doorss. - Fix some potential asserts and parsing issues with grossly - malformed router caches. Fixes bug 2352. Found by doorss. Bugfix - on Tor 0.2.1.27. + malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. + Found by doorss. o Minor bugfixes (other): - Fix a bug with handling misformed replies to reverse DNS lookup @@ -42,8 +44,8 @@ Changes in version 0.2.1.29 - 2011-01-15 - Fix a bug where we would declare that we had run out of virtual addresses when the address space was only half-exhausted. Bugfix on 0.1.2.1-alpha. - - Correctly handle the case where AutomapHostsOnResolve is set but no - virtual addresses are available. Fixes bug2328, bugfix on + - Correctly handle the case where AutomapHostsOnResolve is set but + no virtual addresses are available. Fixes bug 2328; bugfix on 0.1.2.1-alpha. Bug found by doorss. - Correctly handle wrapping around to when we run out of virtual address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha. |
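Review bot: The first hunk (@@ -1,8 +1,8 @@) drops "(CVE-2011-0427)" from the release summary, and nothing in the visible context shows the identifier being carried anywhere else in the 0.2.1.29 entry. The heap overflow bullet is cut off at the hunk boundary, so it may hold the reference, but if it does not, packagers and advisory trackers lose the only link between this release and the CVE. Suggest either keeping the identifier in the summary or confirming it appears in the "Fix a heap overflow bug" item before this lands.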
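Review bot: Credit formatting is still inconsistent after the second hunk (@@ -11,10 +11,12 @@): it keeps the quoted forms 'reported by "doorss"' and 'found by "cypherpunks"', while the third and fourth hunks use the unquoted "Found by doorss." and "Found by cypherpunks". Since this commit is a cleanup pass, pick one form for reporter handles and apply it throughout. The new credit line "These key instances found by ..." is also missing a verb ("were found") and, with the added Andrew Case clause, now runs across four lines; splitting it into two sentences would read better.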
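Review bot: The separator normalization in the last hunk (@@ -42,8 +44,8 @@) stops one entry short. The AutomapHostsOnResolve item is changed to "Fixes bug 2328; bugfix on", but the unchanged entry right after it still reads "Found by cypherpunks, bugfix on 0.2.0.5-alpha." with a comma and the credit placed before the version. The same entry's "Correctly handle wrapping around to when we run out of virtual address space" looks like it is missing a word after "to". Both are worth fixing in this pass so the section follows the "Fixes bug N; bugfix on X. Found by Y." pattern used in the third hunk.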