diff options
author | Roger Dingledine <arma@torproject.org> | 2011-01-15 19:33:29 -0500 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2011-01-15 19:33:29 -0500 |
commit | 54777960ceda94eb9561e25986d3453cf7e80807 (patch) | |
tree | 2adf058c4e9c2b2f52cf6bf553267232f4107ef0 | |
parent | 34d457ea7d05bdd34c5ef25b1a67454133883919 (diff) | |
download | tor-54777960ceda94eb9561e25986d3453cf7e80807.tar.gz tor-54777960ceda94eb9561e25986d3453cf7e80807.zip |
fold in more changes entries
-rw-r--r-- | ChangeLog | 77 | ||||
-rw-r--r-- | changes/bug2060 | 4 | ||||
-rw-r--r-- | changes/bug2314 | 4 | ||||
-rw-r--r-- | changes/bug2330 | 7 | ||||
-rw-r--r-- | changes/bug2331 | 7 | ||||
-rw-r--r-- | changes/bug2337 | 3 | ||||
-rw-r--r-- | changes/bug2346 | 6 | ||||
-rw-r--r-- | changes/bug2363 | 6 | ||||
-rw-r--r-- | changes/bug2364 | 4 |
9 files changed, 56 insertions, 62 deletions
@@ -1,17 +1,25 @@ Changes in version 0.2.2.21-alpha - 2011-01-15 - o Major bugfixes (security): + Tor 0.2.2.21-alpha includes all the patches from Tor 0.2.1.29, which + continues our recent code security audit work. The main fix resolves + a remote heap overflow vulnerability that can allow remote code + execution (CVE-2011-0427). Other fixes address a variety of assert + and crash bugs, most of which we think are hard to exploit remotely. + + o Major bugfixes (security), also included in 0.2.1.29: - Fix a heap overflow bug where an adversary could cause heap corruption. This bug probably allows remote code execution attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on 0.1.2.10-rc. - Prevent a denial-of-service attack by disallowing any zlib-compressed data whose compression factor is implausibly - high. Fixes part of bug 2324; reported by "doors". - - Zero out a few more keys in memory before freeing them. Fixes bug - 2384 and part of bug 2385. These key instances found by - "cypherpunks". Bugfix on 0.0.2pre9. - - o Major bugfixes (crashes): + high. Fixes part of bug 2324; reported by "doorss". + - Zero out a few more keys in memory before freeing them. Fixes + bug 2384 and part of bug 2385. These key instances found by + "cypherpunks", based on Andrew Case's report about being able + to find sensitive data in Tor's memory space if you have enough + permissions. Bugfix on 0.0.2pre9. + + o Major bugfixes (crashes), also included in 0.2.1.29: - Prevent calls to Libevent from inside Libevent log handlers. This had potential to cause a nasty set of crashes, especially if running Libevent with debug logging enabled, and running @@ -21,13 +29,13 @@ Changes in version 0.2.2.21-alpha - 2011-01-15 underflow errors there too. Fixes the other part of bug 2324. - Fix a bug where we would assert if we ever had a cached-descriptors.new file (or another file read directly into - memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes - bug 2326; bugfix on 0.2.1.25. + memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix + on 0.2.1.25. Found by doorss. - Fix some potential asserts and parsing issues with grossly - malformed router caches. Fixes bug 2352. Found by doorss. Bugfix - on Tor 0.2.1.27. + malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27. + Found by doorss. - o Minor bugfixes (other): + o Minor bugfixes (other), also included in 0.2.1.29: - Fix a bug with handling misformed replies to reverse DNS lookup requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug reported by doorss. @@ -37,8 +45,8 @@ Changes in version 0.2.2.21-alpha - 2011-01-15 - Fix a bug where we would declare that we had run out of virtual addresses when the address space was only half-exhausted. Bugfix on 0.1.2.1-alpha. - - Correctly handle the case where AutomapHostsOnResolve is set but no - virtual addresses are available. Fixes bug2328, bugfix on + - Correctly handle the case where AutomapHostsOnResolve is set but + no virtual addresses are available. Fixes bug 2328; bugfix on 0.1.2.1-alpha. Bug found by doorss. - Correctly handle wrapping around to when we run out of virtual address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha. @@ -47,20 +55,47 @@ Changes in version 0.2.2.21-alpha - 2011-01-15 release broke ./configure --enable-openbsd-malloc, which is popular among really fast exit relays on Linux. - o Minor features: + o Minor features, also included in 0.2.1.29: - Update to the January 1 2011 Maxmind GeoLite Country database. - Introduce output size checks on all of our decryption functions. - o Build changes: + o Build changes, also included in 0.2.1.29: - Tor does not build packages correctly with Automake 1.6 and earlier; added a check to Makefile.am to make sure that we're building with Automake 1.7 or later. - o Minor bugfixes - - Make Libevent log messages get delievered to controllers later, - and not from inside the Libevent log handler. This prevents - unsafe reentrant Libevent calls while still letting the log - messages get through. + o Minor features, new in 0.2.2.21-alpha: + - Make sure to disable DirPort if running as a bridge. DirPorts aren't + used on bridges, and it makes bridge scanning somewhat easier. + - If writing the state file to disk fails, wait up to an hour before + retrying again, rather than trying again each second. Fixes bug + 2346; bugfix on Tor 0.1.1.3-alpha. + - Make Libevent log messages get delivered to controllers later, + and not from inside the Libevent log handler. This prevents unsafe + reentrant Libevent calls while still letting the log messages + get through. + - Detect platforms that brokenly use a signed size_t, and refuse to + build there. Found and analyzed by doorss and rransom. + - Fix a bunch of compile warnings revealed by mingw with gcc 4.5. + Resolves bug 2314. + + o Minor bugfixes, new in 0.2.2.21-alpha: + - Handle SOCKS messages longer than 128 bytes long correctly, rather + than waiting forever for them to finish. Fixes bug 2330; bugfix + on 0.2.0.16-alpha. Found by doorss. + - Add assertions to check for overflow in arguments to + base32_encode() and base32_decode(); fix a signed-unsigned + comparison there too. These bugs are not actually reachable in Tor, + but it's good to prevent future errors too. Found by doorss. + - Correctly detect failures to create DNS requests when using Libevent + versions before v2. (Before Libevent 2, we used our own evdns + implementation. Its return values for Libevent's evdns_resolve_*() + functions are not consistent with those from Libevent.) Fixes bug + 2363; bugfix on 0.2.2.6-alpha. Found by "lodger". + + o Documentation, new in 0.2.2.21-alpha: + - Document the default socks host and port (127.0.0.1:9050) for + tor-resolve. Changes in version 0.2.2.20-alpha - 2010-12-17 diff --git a/changes/bug2060 b/changes/bug2060 deleted file mode 100644 index eb95aedb26..0000000000 --- a/changes/bug2060 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features - - Make sure to disable DirPort if running as a bridge. DirPorts aren't - used on bridges, and it makes bridge scanning way too easy. - diff --git a/changes/bug2314 b/changes/bug2314 deleted file mode 100644 index 41a232812c..0000000000 --- a/changes/bug2314 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Fix a bunch of compile warnings revealed by mingw with gcc 4.5. Fixes - bug 2314. - diff --git a/changes/bug2330 b/changes/bug2330 deleted file mode 100644 index fc0c4d8c36..0000000000 --- a/changes/bug2330 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes - - Handle SOCKS messages longer than 128 bytes long correctly, rather - than waiting forever for them to finish. Fixes bug 2330. Bugfix on - 0.2.0.16-alpha. Found by doorss. - - - diff --git a/changes/bug2331 b/changes/bug2331 deleted file mode 100644 index 9940b591cb..0000000000 --- a/changes/bug2331 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - Add assertions to check for overflow in arguments to - base32_encode and base32_decode; fix a signed-unsigned - comparison there too. These bugs are not actually reachable in - Tor, but it's good to prevent future errors too. Found by - doorss. - diff --git a/changes/bug2337 b/changes/bug2337 deleted file mode 100644 index a4f052dc31..0000000000 --- a/changes/bug2337 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes - - Detect broken platforms with a signed size_t, and refuse to - build there. Found and analyzed by doorss and rransom. diff --git a/changes/bug2346 b/changes/bug2346 deleted file mode 100644 index 0f78b84614..0000000000 --- a/changes/bug2346 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features - - If writing the state file to disk fails, wait up to an hour - before retrying again. (Our old code would retry the write - immediately.) Fixes bug 2346. Bugfix on Tor 0.1.1.3-alpha. - - diff --git a/changes/bug2363 b/changes/bug2363 deleted file mode 100644 index 179925f65c..0000000000 --- a/changes/bug2363 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Correctly detect failures to create DNS requests when using Libevent - versions before v2. (Before Libevent 2, we used our own evdns - implementation. Its return values for Libevent's evdns_resolve_*() - functions are not consistent with those from Libevent.) Found by - Lodger; fixes bug 2363; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug2364 b/changes/bug2364 deleted file mode 100644 index 37de6ef526..0000000000 --- a/changes/bug2364 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation - - Document the default socks host and port (127.0.0.1:9050) for - tor-resolve. - |