diff options
| author | Roger Dingledine <arma@torproject.org> | 2012-06-05 18:50:29 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2012-06-05 18:50:29 -0400 |
| commit | c450e524860e23014da250bad88b476d0d540ff9 (patch) | |
| tree | dbf257f7f11ff80047c9678dd83891f0ce8eca83 | |
| parent | 4f62f420feb5e5d29ca9db4ea0e486b11023844f (diff) | |
| download | tor-c450e524860e23014da250bad88b476d0d540ff9.tar.gz tor-c450e524860e23014da250bad88b476d0d540ff9.zip | |
schedule tomorrow as the 0.2.2.37 release day
| -rw-r--r-- | ChangeLog | 27 | ||||
| -rw-r--r-- | changes/bug5283 | 6 | ||||
| -rw-r--r-- | changes/bug5969_022 | 7 | ||||
| -rw-r--r-- | changes/bug6007 | 5 | ||||
| -rw-r--r-- | changes/bug6033 | 6 |
5 files changed, 27 insertions, 24 deletions
@@ -1,3 +1,30 @@ +Changes in version 0.2.2.37 - 2012-06-06 + Tor 0.2.2.37 introduces a workaround for a critical renegotiation + bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself + currently). + + o Major bugfixes: + - Work around a bug in OpenSSL that broke renegotiation with TLS + 1.1 and TLS 1.2. Without this workaround, all attempts to speak + the v2 Tor connection protocol when both sides were using OpenSSL + 1.0.1 would fail. Resolves ticket 6033. + - When waiting for a client to renegotiate, don't allow it to add + any bytes to the input buffer. This fixes a potential DoS issue. + Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc. + - Fix an edge case where if we fetch or publish a hidden service + descriptor, we might build a 4-hop circuit and then use that circuit + for exiting afterwards -- even if the new last hop doesn't obey our + ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha. + + o Minor bugfixes: + - Fix a build warning with Clang 3.1 related to our use of vasprint. + Fixes bug 5969. Bugfix on 0.2.2.11-alpha. + + o Minor features: + - Tell GCC and Clang to check for any errors in format strings passed + to the tor_v*(print|scan)f functions. + + Changes in version 0.2.2.36 - 2012-05-24 Tor 0.2.2.36 updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, diff --git a/changes/bug5283 b/changes/bug5283 deleted file mode 100644 index f0325cf26c..0000000000 --- a/changes/bug5283 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Fix an edge case where if we fetch or publish a hidden service - descriptor, we might build a 4-hop circuit and then use that circuit - for exiting afterwards -- even if the new last hop doesn't obey our - ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha. - diff --git a/changes/bug5969_022 b/changes/bug5969_022 deleted file mode 100644 index 57c8744267..0000000000 --- a/changes/bug5969_022 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes - - Fix a build warning with Clang 3.1 related to our use of vasprint. - Fix for bug 5969. Bugfix on 0.2.2.11-alpha. - - o Compilation improvements: - - Tell GCC and Clang to check for any errors in format strings passed - to the tor_v*(print|scan)f functions. diff --git a/changes/bug6007 b/changes/bug6007 deleted file mode 100644 index 4e815754aa..0000000000 --- a/changes/bug6007 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security): - - When waiting for a client to renegotiate, don't allow it to add - any bytes to the input buffer. This fixes a DoS issue. Fix for - bugs 6007 and 5934; bugfix on 0.2.0.20-rc. - diff --git a/changes/bug6033 b/changes/bug6033 deleted file mode 100644 index 56cffd68b7..0000000000 --- a/changes/bug6033 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Work around a bug in OpenSSL that broke renegotiation with - TLS 1.1 and TLS 1.2. Without this workaround, all attempts - to speak the v2 Tor network protocol when both sides were - using OpenSSL 1.0.1 would fail. Fix for bug 6033, which is - not a bug in Tor. |