diff options
| author | Roger Dingledine <arma@torproject.org> | 2011-01-15 20:23:09 -0500 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2011-01-15 20:23:09 -0500 |
| commit | 9aba6032638e76c8822076a0c51872b1578cc48c (patch) | |
| tree | a15fcef698dabd1c076a20e2938ff539b207c069 | |
| parent | d52b86a6c8edbbd8baa46536a88676c02960f99a (diff) | |
| download | tor-9aba6032638e76c8822076a0c51872b1578cc48c.tar.gz tor-9aba6032638e76c8822076a0c51872b1578cc48c.zip | |
add in missing changelog entries
| -rw-r--r-- | ChangeLog | 85 |
1 files changed, 85 insertions, 0 deletions
@@ -98,6 +98,72 @@ Changes in version 0.2.2.21-alpha - 2011-01-15 tor-resolve. +Changes in version 0.2.1.29 - 2011-01-15 + Tor 0.2.1.29 continues our recent code security audit work. The main + fix resolves a remote heap overflow vulnerability that can allow remote + code execution. Other fixes address a variety of assert and crash bugs, + most of which we think are hard to exploit remotely. + + o Major bugfixes (security): + - Fix a heap overflow bug where an adversary could cause heap + corruption. This bug probably allows remote code execution + attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on + 0.1.2.10-rc. + - Prevent a denial-of-service attack by disallowing any + zlib-compressed data whose compression factor is implausibly + high. Fixes part of bug 2324; reported by "doorss". + - Zero out a few more keys in memory before freeing them. Fixes + bug 2384 and part of bug 2385. These key instances found by + "cypherpunks", based on Andrew Case's report about being able + to find sensitive data in Tor's memory space if you have enough + permissions. Bugfix on 0.0.2pre9. + + o Major bugfixes (crashes): + - Prevent calls to Libevent from inside Libevent log handlers. + This had potential to cause a nasty set of crashes, especially + if running Libevent with debug logging enabled, and running + Tor with a controller watching for low-severity log messages. + Bugfix on 0.1.0.2-rc. Fixes bug 2190. + - Add a check for SIZE_T_MAX to tor_realloc() to try to avoid + underflow errors there too. Fixes the other part of bug 2324. + - Fix a bug where we would assert if we ever had a + cached-descriptors.new file (or another file read directly into + memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix + on 0.2.1.25. Found by doorss. + - Fix some potential asserts and parsing issues with grossly + malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. + Found by doorss. + + o Minor bugfixes (other): + - Fix a bug with handling misformed replies to reverse DNS lookup + requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a + bug reported by doorss. + - Fix compilation on mingw when a pthreads compatibility library + has been installed. (We don't want to use it, so we shouldn't + be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc. + - Fix a bug where we would declare that we had run out of virtual + addresses when the address space was only half-exhausted. Bugfix + on 0.1.2.1-alpha. + - Correctly handle the case where AutomapHostsOnResolve is set but + no virtual addresses are available. Fixes bug 2328; bugfix on + 0.1.2.1-alpha. Bug found by doorss. + - Correctly handle wrapping around to when we run out of virtual + address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha. + - The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c + because we built it with a too-old version of automake. Thus that + release broke ./configure --enable-openbsd-malloc, which is popular + among really fast exit relays on Linux. + + o Minor features: + - Update to the January 1 2011 Maxmind GeoLite Country database. + - Introduce output size checks on all of our decryption functions. + + o Build changes: + - Tor does not build packages correctly with Automake 1.6 and earlier; + added a check to Makefile.am to make sure that we're building with + Automake 1.7 or later. + + Changes in version 0.2.2.20-alpha - 2010-12-17 Tor 0.2.2.20-alpha does some code cleanup to reduce the risk of remotely exploitable bugs. We also fix a variety of other significant bugs, @@ -150,6 +216,25 @@ Changes in version 0.2.2.20-alpha - 2010-12-17 task 2196. +Changes in version 0.2.1.28 - 2010-12-17 + Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely + exploitable bugs. We also took this opportunity to change the IP address + for one of our directory authorities, and to update the geoip database + we ship. + + o Major bugfixes: + - Fix a remotely exploitable bug that could be used to crash instances + of Tor remotely by overflowing on the heap. Remote-code execution + hasn't been confirmed, but can't be ruled out. Everyone should + upgrade. Bugfix on the 0.1.1 series and later. + + o Directory authority changes: + - Change IP address and ports for gabelmoo (v3 directory authority). + + o Minor features: + - Update to the December 1 2010 Maxmind GeoLite Country database. + + Changes in version 0.2.1.27 - 2010-11-23 Yet another OpenSSL security patch broke its compatibility with Tor: Tor 0.2.1.27 makes relays work with openssl 0.9.8p and 1.0.0.b. We |